From e92f5014924e2151afda7bbb72193d059de2e213 Mon Sep 17 00:00:00 2001 From: Lance Bragstad Date: Thu, 28 Sep 2023 16:40:06 -0500 Subject: [PATCH] CMP-2130: Implement support for profile versioning This commit adds support for an optional version attribute for Profile custom resources. This attribute is parsed out of the datastream and set on the Profile by the compliance operator. It's not intended for end users to supply their own version. Future patches may expand on this concept to support multiple versions of a single profile. --- CHANGELOG.md | 2 ++ config/crd/bases/compliance.openshift.io_profiles.yaml | 4 ++++ pkg/apis/compliance/v1alpha1/profile_types.go | 2 ++ pkg/apis/compliance/v1alpha1/zz_generated.deepcopy.go | 5 +++++ pkg/profileparser/profileparser.go | 6 ++++++ 5 files changed, 19 insertions(+) diff --git a/CHANGELOG.md b/CHANGELOG.md index 6ad64261a..36cd9230a 100644 --- a/CHANGELOG.md +++ b/CHANGELOG.md @@ -15,6 +15,8 @@ Versioning](https://semver.org/spec/v2.0.0.html). more ergonomic to pause scans during maintenance periods. See the [enhancement](https://github.com/ComplianceAsCode/compliance-operator/pull/375) for more details. +- Implemented support for an optional `version` attribute on `Profile` custom + resources. ### Fixes diff --git a/config/crd/bases/compliance.openshift.io_profiles.yaml b/config/crd/bases/compliance.openshift.io_profiles.yaml index 5da9ae792..aabd2a5a1 100644 --- a/config/crd/bases/compliance.openshift.io_profiles.yaml +++ b/config/crd/bases/compliance.openshift.io_profiles.yaml @@ -55,6 +55,10 @@ spec: nullable: true type: array x-kubernetes-list-type: atomic + versions: + items: + type: string + type: array required: - description - id diff --git a/pkg/apis/compliance/v1alpha1/profile_types.go b/pkg/apis/compliance/v1alpha1/profile_types.go index 8686f66a8..109d0eb90 100644 --- a/pkg/apis/compliance/v1alpha1/profile_types.go +++ b/pkg/apis/compliance/v1alpha1/profile_types.go 
@@ -35,6 +35,8 @@ type ProfilePayload struct { // +optional // +listType=atomic Values []ProfileValue `json:"values,omitempty"` + // +optional + Versions []string `json:"versions"` } // +kubebuilder:object:root=true diff --git a/pkg/apis/compliance/v1alpha1/zz_generated.deepcopy.go b/pkg/apis/compliance/v1alpha1/zz_generated.deepcopy.go index 2af88722d..0bc69fc21 100644 --- a/pkg/apis/compliance/v1alpha1/zz_generated.deepcopy.go +++ b/pkg/apis/compliance/v1alpha1/zz_generated.deepcopy.go @@ -777,6 +777,11 @@ func (in *ProfilePayload) DeepCopyInto(out *ProfilePayload) { *out = make([]ProfileValue, len(*in)) copy(*out, *in) } + if in.Versions != nil { + in, out := &in.Versions, &out.Versions + *out = make([]string, len(*in)) + copy(*out, *in) + } } // DeepCopy is an autogenerated deepcopy function, copying the receiver, creating a new ProfilePayload. diff --git a/pkg/profileparser/profileparser.go b/pkg/profileparser/profileparser.go index 756ce662b..7c1bda2dd 100644 --- a/pkg/profileparser/profileparser.go +++ b/pkg/profileparser/profileparser.go @@ -311,6 +311,11 @@ func parseProfileFromNode(profileRoot *xmlquery.Node, pb *cmpv1alpha1.ProfileBun if description == nil { return LogAndReturnError("no description in profile") } + v := profileObj.SelectElement("xccdf-1.2:version") + var versions []string + if v != nil { + versions = append(versions, v.InnerText()) + } log.Info("Found profile", "id", id) // In case the profile sets its own CPE string @@ -362,6 +367,7 @@ func parseProfileFromNode(profileRoot *xmlquery.Node, pb *cmpv1alpha1.ProfileBun Description: utils.XmlNodeAsMarkdown(description), Rules: selectedrules, Values: selectedvalues, + Versions: versions, }, }
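Review bot: The new `Versions` field in `ProfilePayload` is marked `// +optional` but is tagged `json:"versions"` without `omitempty`, so a profile with no version in the datastream marshals the nil slice as `"versions": null`, while the CRD schema added in this same commit declares `versions` as a plain string array with no `nullable: true`. The `Values` field directly above uses `json:"values,omitempty"` together with `// +listType=atomic`; I would give the new field the same treatment, i.e. the tag `json:"versions,omitempty"` and the list-type marker, then regenerate the CRD. The field also has no doc comment, and something like `// Versions is parsed from the datastream and set by the operator; it is not intended to be supplied by users.` would carry the commit message's intent into the API type and the generated CRD description. The struct begins above the hunk.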
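Review bot: In the first profileparser.go hunk the string appended to `versions` is `v.InnerText()` exactly as it appears in the datastream, so an empty or whitespace-padded `xccdf-1.2:version` element is published on the Profile object as `[""]` or with stray newlines instead of being treated as "no version". Because the operator rather than the user owns this field, I would normalise it at parse time with `if s := strings.TrimSpace(v.InnerText()); s != "" { versions = append(versions, s) }` (this assumes `strings` is already imported in the file, which is not visible here). A short comment above the lookup, such as `// version is optional in a profile; leave Versions nil when the element is absent or empty`, would also explain why a missing element is not an error, unlike the description check just before it. parseProfileFromNode starts and ends outside the hunk.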