Lance Bragstad
Lance Bragstad
I deployed this change into a cluster, then attempted to verify each rule in the PCI-DSS profiles has the expected reference, but only a handful of them did. Here are...
> I think the OCIL has to be changed too. While the patch command would make the system compliant, there would be no ciphers for TLS1.3, which (might?) put the...
> @rhmdnd Another issue is: seems the autoremediation cr will be in error status and will always fail due to permission issue: `Unable to get fix object from ComplianceRemediation. Please...
> @rhmdnd I tried catalogsource ghcr.io/complianceascode/compliance-operator-catalog:558 and ghcr.io/complianceascode/compliance-operator-catalog:573, I still got the same error. Could you please help to double check? Thanks. Strange - I wonder if the catalog source...
> Then [#12220 (comment)](https://github.com/ComplianceAsCode/content/pull/12220#issuecomment-2272899368) this comment will be the only question left. Good catch - fixed.
/test 4.12-e2e-aws-ocp4-cis /test 4.13-e2e-aws-ocp4-cis /test 4.14-e2e-aws-ocp4-cis /test 4.15-e2e-aws-ocp4-cis /test 4.16-e2e-aws-ocp4-cis
@yuumasato @Vincent056 this should be ready for another look
> I am not sure whether we need to keep it in the custom list or not. I can remove it. I found it in https://ciphersuite.info/cs/TLS_AES_128_CCM_SHA256/ which says it's secure,...