content icon indicating copy to clipboard operation
content copied to clipboard

Published 20 hours ago verified publisher icon ComplianceAsCode

Initial OSPP Control File

Open Mab879 opened this issue 1 year ago • 8 comments

Description:

Create Initial OSPP control file.

This is an automatically created using the script in this branches history.

Rationale:

Get the RHEL 10 draft OSPP profile ready.

Mab879 avatar Apr 24 '24 20:04 Mab879

Skipping CI for Draft Pull Request. If you want CI signal for your change, please convert it to an actual PR. You can still manually trigger a test run with /test all

openshift-ci[bot] avatar Apr 24 '24 20:04 openshift-ci[bot]

Start a new ephemeral environment with changes proposed in this pull request:

Fedora Environment Open in Gitpod

Oracle Linux 8 Environment Open in Gitpod

github-actions[bot] avatar Apr 24 '24 20:04 github-actions[bot]

:robot: A k8s content image for this PR is available at: ghcr.io/complianceascode/k8scontent:11882 This image was built from commit: 2ae468d2625efa677fdd50c14ab94b59412d320f

Click here to see how to deploy it

If you alread have Compliance Operator deployed: utils/build_ds_container.py -i ghcr.io/complianceascode/k8scontent:11882

Otherwise deploy the content and operator together by checking out ComplianceAsCode/compliance-operator and: CONTENT_IMAGE=ghcr.io/complianceascode/k8scontent:11882 make deploy-local

github-actions[bot] avatar Apr 24 '24 20:04 github-actions[bot]

@ggbecker , could you take a look, please?

marcusburghardt avatar Apr 29 '24 09:04 marcusburghardt

@ggbecker If you suggestions for titles please let me know.

Mab879 avatar Apr 29 '24 13:04 Mab879

Script for creating this has been posted in #11916

Mab879 avatar Apr 29 '24 21:04 Mab879

@ggbecker If you suggestions for titles please let me know.

A few things I noticed here.

First, some references changed from OSPP 4.2.1 to 4.3, for example: https://www.niap-ccevs.org/MMO/PP/-442-/#FCS_COP.1(1) is now https://www.niap-ccevs.org/MMO/PP/OS%204.3%20PP/#FCS_COP.1/ENCRYPT, so there is a small change in how it's represented: FCS_COP.1(1) -> FCS_COP.1/ENCRYPT.

Second, you can use the title as defined in this for example: https://www.niap-ccevs.org/MMO/PP/OS%204.3%20PP/#FCS_COP.1/ENCRYPT -> Cryptographic Operation - Encryption/Decryption (Refined)

and last, this table contains the rationale for each requirement that could be used in the description of each control defined: https://www.niap-ccevs.org/MMO/PP/OS%204.3%20PP/#obj-req-map

ggbecker avatar Apr 30 '24 07:04 ggbecker

Code Climate has analyzed commit 2ae468d2 and detected 0 issues on this pull request.

The test coverage on the diff in this pull request is 100.0% (50% is the threshold).

This pull request will bring the total coverage in the repository to 59.4% (0.0% change).

View more on Code Climate.

qlty-cloud-legacy[bot] avatar May 03 '24 15:05 qlty-cloud-legacy[bot]