Skip to content
New issue

Have a question about this project? Sign up for a free GitHub account to open an issue and contact its maintainers and the community.

Sign up for GitHub

By clicking “Sign up for GitHub”, you agree to our terms of service and privacy statement. We’ll occasionally send you account related emails.

Already on GitHub? Sign in to your account

Jump to bottom

stop building PCI-DSS-centric XCCDF benchmark for RHEL 7 #8122

Merged
merged 2 commits into from
Jan 28, 2022
Merged

stop building PCI-DSS-centric XCCDF benchmark for RHEL 7 #8122

merged 2 commits into from
Jan 28, 2022

Conversation

vojtapolasek
Copy link
Collaborator

Description:

  • remove scripts which were used for this artifact
  • remove steps from the Cmake build config

Rationale:

  • the way in which the benchmark was created (transofmration from regular benchmark) posed significant technical hurdle for improvements in CPE AL features
  • after evaluating its use cases and usability it was decided to stop building it

@vojtapolasek vojtapolasek added RHEL Red Hat Enterprise Linux product related. Infrastructure Our content build system Highlight This PR/Issue should make it to the featured changelog. labels Jan 28, 2022
@vojtapolasek vojtapolasek added this to the 0.1.61 milestone Jan 28, 2022
@Mab879 Mab879 self-assigned this Jan 28, 2022
@Mab879 Mab879 merged commit 2d0d6d9 into ComplianceAsCode:master Jan 28, 2022
ggbecker
ggbecker reviewed Jan 31, 2022
View reviewed changes
cmake/SSGCommon.cmake
Comment on lines 572 to 580
COMMAND "${OPENSCAP_OSCAP_EXECUTABLE}" ds sds-compose --skip-valid "${CMAKE_BINARY_DIR}/ssg-${PRODUCT}-xccdf-1.2.xml" "${CMAKE_BINARY_DIR}/${PRODUCT}/ssg-${PRODUCT}-ds-base.xml"
COMMAND "${SED_EXECUTABLE}" -i 's/schematron-version="[0-9].[0-9]"/schematron-version="1.2"/' "${CMAKE_BINARY_DIR}/${PRODUCT}/ssg-${PRODUCT}-ds-base.xml"
COMMAND "${OPENSCAP_OSCAP_EXECUTABLE}" ds sds-add --skip-valid "${CMAKE_BINARY_DIR}/ssg-${PRODUCT}-cpe-dictionary.xml" "${CMAKE_BINARY_DIR}/${PRODUCT}/ssg-${PRODUCT}-ds-base.xml"
COMMAND "${OPENSCAP_OSCAP_EXECUTABLE}" ds sds-add --skip-valid "${CMAKE_BINARY_DIR}/ssg-${PRODUCT}-pcidss-xccdf-1.2.xml" "${CMAKE_BINARY_DIR}/${PRODUCT}/ssg-${PRODUCT}-ds-base.xml"
WORKING_DIRECTORY "${CMAKE_BINARY_DIR}"
COMMAND env "PYTHONPATH=$ENV{PYTHONPATH}" "${PYTHON_EXECUTABLE}" "${SSG_BUILD_SCRIPTS}/sds_move_ocil_to_checks.py" "${CMAKE_BINARY_DIR}/${PRODUCT}/ssg-${PRODUCT}-ds-base.xml" "${CMAKE_BINARY_DIR}/${PRODUCT}/ssg-${PRODUCT}-ds-base.xml"
DEPENDS generate-ssg-${PRODUCT}-xccdf-1.2.xml
DEPENDS generate-ssg-${PRODUCT}-oval.xml
DEPENDS generate-ssg-${PRODUCT}-ocil.xml
DEPENDS generate-ssg-${PRODUCT}-cpe-dictionary.xml
DEPENDS generate-ssg-${PRODUCT}-pcidss-xccdf-1.2.xml
COMMENT "[${PRODUCT}-content] generating ssg-${PRODUCT}-ds-base.xml"
Copy link
Member

Choose a reason for hiding this comment

The reason will be displayed to describe this comment to others. Learn more.

I believe this entire if block can be purged since it's the same as in the else statement now.

This pull request was closed.
Sign up for free to join this conversation on GitHub. Already have an account? Sign in to comment
Reviewers

@ggbecker ggbecker ggbecker left review comments

@Mab879 Mab879 Mab879 approved these changes

Assignees

@Mab879 Mab879

Labels
Highlight This PR/Issue should make it to the featured changelog. Infrastructure Our content build system RHEL Red Hat Enterprise Linux product related.
Projects
None yet
Milestone
0.1.61
Development

Successfully merging this pull request may close these issues.
3 participants
@vojtapolasek @Mab879 @ggbecker