Skip to content
New issue

Have a question about this project? Sign up for a free GitHub account to open an issue and contact its maintainers and the community.

Sign up for GitHub

By clicking “Sign up for GitHub”, you agree to our terms of service and privacy statement. We’ll occasionally send you account related emails.

Already on GitHub? Sign in to your account

Jump to bottom

rhcos4: Add check for nousb kernel argument #6743

Merged
merged 2 commits into from
Mar 24, 2021
Merged

rhcos4: Add check for nousb kernel argument #6743

merged 2 commits into from
Mar 24, 2021

Conversation

JAORMX
Copy link
Contributor

@JAORMX JAORMX commented Mar 23, 2021

This adds a check that verifies if the nousb kernel argument is set. If
it isn't it should generate an appropraite remediation.

This also enhances the coreos_kernel_option template and the
oval_argument_value_in_line_criterion and
oval_argument_value_in_line_test macros to not require arg_value
anymore. If this parameter is not given, it'll only use arg_name.

Signed-off-by: Juan Antonio Osorio Robles jaosorior@redhat.com

@openscap-ci
Copy link
Collaborator

openscap-ci commented Mar 23, 2021
edited
Loading

Changes identified:
Profiles:
 moderate on rhcos4

Show details

Profile moderate on rhcos4:
 Rule coreos_nousb_kernel_argument added to moderate profile.
 Rule grub2_nousb_argument removed from moderate profile.

Recommended tests to execute:
 build_product rhcos4
 tests/test_suite.py profile --libvirt qemu:///system test-suite-vm --datastream build/ssg-rhcos4-ds.xml moderate

ggbecker
ggbecker reviewed Mar 23, 2021
View reviewed changes
Copy link
Member

@ggbecker ggbecker left a comment

Choose a reason for hiding this comment

The reason will be displayed to describe this comment to others. Learn more.

Since you are making the template parameter optional, you can update the documentation as well here: https://github.com/ComplianceAsCode/content/blame/master/docs/manual/developer/06_contributing_with_content.md#L1279

@JAORMX
Copy link
Contributor Author

JAORMX commented Mar 23, 2021

/test e2e-aws-ocp4-moderate

@JAORMX JAORMX requested a review from ggbecker March 24, 2021 08:10
@JAORMX
Copy link
Contributor Author

JAORMX commented Mar 24, 2021

/test e2e-aws-ocp4-moderate

@JAORMX
Copy link
Contributor Author

JAORMX commented Mar 24, 2021

@ggbecker I think this is good to go, can you revisit this?

ggbecker
ggbecker requested changes Mar 24, 2021
View reviewed changes
Copy link
Member

@ggbecker ggbecker left a comment

Choose a reason for hiding this comment

The reason will be displayed to describe this comment to others. Learn more.

One more nitpick regarding documentation.

@JAORMX
rhcos4: Add check for nousb kernel argument
f6df86f 
This adds a check that verifies if the nousb kernel argument is set. If
it isn't it should generate an appropraite remediation.

This also enhances the `coreos_kernel_option` template and the
`oval_argument_value_in_line_criterion` and
`oval_argument_value_in_line_test` macros to not require `arg_value`
anymore. If this parameter is not given, it'll only use `arg_name`.

Signed-off-by: Juan Antonio Osorio Robles <jaosorior@redhat.com>
@JAORMX JAORMX requested a review from ggbecker March 24, 2021 10:24
ggbecker
ggbecker approved these changes Mar 24, 2021
View reviewed changes
Copy link
Member

@ggbecker ggbecker left a comment
edited
Loading

Choose a reason for hiding this comment

The reason will be displayed to describe this comment to others. Learn more.

LGTM, thanks for addressing the requests. I pushed one typo fix and as soon the build finishes I'll merge it.

@ggbecker ggbecker merged commit 9f1bc45 into ComplianceAsCode:master Mar 24, 2021
@yuumasato yuumasato added this to the 0.1.56 milestone Mar 24, 2021
This pull request was closed.
Sign up for free to join this conversation on GitHub. Already have an account? Sign in to comment
Reviewers

@ggbecker ggbecker ggbecker approved these changes

@yuumasato yuumasato Awaiting requested review from yuumasato

@jhrozek jhrozek Awaiting requested review from jhrozek

@mrogers950 mrogers950 Awaiting requested review from mrogers950

Assignees
No one assigned
Labels
None yet
Projects
None yet
Milestone
0.1.56
Development

Successfully merging this pull request may close these issues.
4 participants
@JAORMX @openscap-ci @ggbecker @yuumasato