Skip to content
New issue

Have a question about this project? Sign up for a free GitHub account to open an issue and contact its maintainers and the community.

By clicking “Sign up for GitHub”, you agree to our terms of service and privacy statement. We’ll occasionally send you account related emails.

Already on GitHub? Sign in to your account

Add a refine-rule tailoring ability to autotailor #1877

Closed
wants to merge 18 commits into from

Conversation

matejak
Copy link
Contributor

@matejak matejak commented Jul 27, 2022

@matejak matejak added this to the 1.3.7 milestone Jul 27, 2022
utils/autotailor Outdated
change = ET.SubElement(profile, "xccdf-1.2:set-value")
change.set("idref", self._full_var_id(varname))
change.text = str(value)
self._add_rule_select_operations(container_element)(profile)
Copy link
Member

Choose a reason for hiding this comment

The reason will be displayed to describe this comment to others. Learn more.

It doesn't look right

[jcerny@thinkpad openscap{pr/1877}]$ utils/autotailor /usr/share/xml/scap/ssg/content/ssg-fedora-ds.xml standard
Traceback (most recent call last):
  File "/home/jcerny/work/git/openscap/utils/autotailor", line 205, in <module>
    t.to_xml(args.output)
  File "/home/jcerny/work/git/openscap/utils/autotailor", line 120, in to_xml
    self._add_rule_select_operations(container_element)(profile)
NameError: name 'container_element' is not defined

Copy link
Member

Choose a reason for hiding this comment

The reason will be displayed to describe this comment to others. Learn more.

I feel like we should start adding unit tests for the autotailor tool.

@jan-cerny jan-cerny modified the milestones: 1.3.7, 1.3.8 Jan 26, 2023
@evgenyz evgenyz modified the milestones: 1.3.8, 1.3.10 Sep 6, 2023
matejak and others added 16 commits October 2, 2023 13:54
Instead of repeating the smae string all over the place, let's
have a single constant defined and then used.
If the `--new-profile-id` isn't provided by the user, we will
create the ID of the customized profile ID by appending the
`_customized` suffix to the base profile ID.

This change makes the behavior according to the help text of the
`--new-profile-id` option:
> If left out, the new ID will be obtained by appending '_customized'
> to the tailored profile ID.
and fix the failed asserts
We will move the condition that determines the ID of the customized
profile into the `Tailoring` class. This move helps encapsulate
code and also allows easier unit testing of this feature which
we immediately use to write a unit test in this commit as well :)
This patch adds two new command line options `--rule-role` and
`--rule-severity` that will allow users to refine rule role and
rule seveirty in their customized profile. Using these options
will generate `refine-rule` elements within the output tailoring
file.

Resolves: https://bugzilla.redhat.com/show_bug.cgi?id=2058168
This patch moves the logic for assigning the XCCDF Values for
outer space inside the Tailoring class by defining a method.
Explicitly setting namespaces of elements is the recommended way of using
namespaces. It helps prevent namespace errors. Also, it simplifies unit
testing of code that works with XML elements.
The new name of the variable better describes its actual contents.
This commit adds an integration test for autotailor. The goal
of the test is to verify if the tailoring produced by autotailor
can be loaded and consumed by oscap and if the generated tailoring
leads to the intended behavior of the profile evaluation.
The result will be that the autotailor unit tests will be executed
during the CTest which is run in our CI.
@jan-cerny jan-cerny force-pushed the autotailor_refine_rule branch from 21df149 to 48c013b Compare October 3, 2023 12:45
@pep8speaks
Copy link

pep8speaks commented Oct 3, 2023

Hello @matejak! Thanks for updating this PR. We checked the lines you've touched for PEP 8 issues, and found:

Line 6:1: E302 expected 2 blank lines, found 1

Comment last updated at 2023-10-03 13:14:53 UTC

@jan-cerny
Copy link
Member

This PR has been replaced by #2039

@jan-cerny jan-cerny closed this Oct 3, 2023
Sign up for free to join this conversation on GitHub. Already have an account? Sign in to comment
Labels
None yet
Projects
None yet
Development

Successfully merging this pull request may close these issues.

4 participants