content icon indicating copy to clipboard operation
content copied to clipboard

Published 20 hours ago verified publisher icon ComplianceAsCode

Updated 6 rules 2 for sle micro

Open rumch-se opened this issue 1 year ago • 5 comments
trafficstars

Description:

  • The PR includes updates of 6 rules to support new SUSE product sle micro according to DISA STIG

Rationale:

  • The list of the rules is auditd_audispd_network_failure_action auditd_audispd_disk_full_action accounts_have_homedir_login_defs no_empty_passwords_etc_shadow no_empty_passwords audit_rules_enable_syscall_auditing

rumch-se avatar Aug 23 '24 08:08 rumch-se

Hi @rumch-se. Thanks for your PR.

I'm waiting for a ComplianceAsCode member to verify that this patch is reasonable to test. If it is, they should reply with /ok-to-test on its own line. Until that is done, I will not automatically test new commits in this PR, but the usual testing commands by org members will still work. Regular contributors should join the org to skip this step.

Once the patch is verified, the new status will be reflected by the ok-to-test label.

I understand the commands that are listed here.

Instructions for interacting with me using PR comments are available here. If you have questions or suggestions related to my behavior, please file an issue against the kubernetes-sigs/prow repository.

openshift-ci[bot] avatar Aug 23 '24 08:08 openshift-ci[bot]

Start a new ephemeral environment with changes proposed in this pull request:

rhel8 (from CTF) Environment (using Fedora as testing environment) Open in Gitpod

Fedora Testing Environment Open in Gitpod

Oracle Linux 8 Environment Open in Gitpod

github-actions[bot] avatar Aug 23 '24 08:08 github-actions[bot]

:robot: A k8s content image for this PR is available at: ghcr.io/complianceascode/k8scontent:12331 This image was built from commit: 8237441aca439936cc09f9abdeecdf2bd7639b1b

Click here to see how to deploy it

If you alread have Compliance Operator deployed: utils/build_ds_container.py -i ghcr.io/complianceascode/k8scontent:12331

Otherwise deploy the content and operator together by checking out ComplianceAsCode/compliance-operator and: CONTENT_IMAGE=ghcr.io/complianceascode/k8scontent:12331 make deploy-local

github-actions[bot] avatar Aug 23 '24 08:08 github-actions[bot]

@ComplianceAsCode/trusted-developers anyone can help with the failing test that prevent this PR from merging?

teacup-on-rockingchair avatar Sep 05 '24 15:09 teacup-on-rockingchair

/packit retest-failed

Mab879 avatar Sep 17 '24 19:09 Mab879

@ComplianceAsCode/trusted-developers anyone can help with the failing test that prevent this PR from merging?

It seems the issue with the no_empty_passwords rule is legit. I couldn't go deep investigating the cause of the issue, but tested the rule with master branch and it worked fine. When testing it with this PR, it is failing. Could you review any change involving this rule, please?

marcusburghardt avatar Sep 18 '24 09:09 marcusburghardt

Code Climate has analyzed commit 8237441a and detected 0 issues on this pull request.

The test coverage on the diff in this pull request is 100.0% (50% is the threshold).

This pull request will bring the total coverage in the repository to 59.5% (0.0% change).

View more on Code Climate.

qlty-cloud-legacy[bot] avatar Sep 26 '24 05:09 qlty-cloud-legacy[bot]

@ComplianceAsCode/trusted-developers anyone can help with the failing test that prevent this PR from merging?

It seems the issue with the no_empty_passwords rule is legit. I couldn't go deep investigating the cause of the issue, but tested the rule with master branch and it worked fine. When testing it with this PR, it is failing. Could you review any change involving this rule, please?

thanks :bow:

teacup-on-rockingchair avatar Sep 26 '24 05:09 teacup-on-rockingchair