skyler / rpms / scap-security-guide

Forked from rpms/scap-security-guide 3 years ago
Clone
Source Code
GIT

Blame SOURCES/test-stable-ids.patch

c7 c7-alt c7-beta c8 c8-beta c8s
  1.   575137e6a33f80e1d70ec7248ee82b9a9e1a9913
  2.   SOURCES
  3.   test-stable-ids.patch
Blob History Raw
575137 
diff --git a/tests/stable_profile_ids.py b/tests/stable_profile_ids.py
575137 
index b7523862d0..7ee4e9f758 100755
575137 
--- a/tests/stable_profile_ids.py
575137 
+++ b/tests/stable_profile_ids.py
575137 
@@ -18,13 +18,23 @@
575137 
 # xccdf_org.ssgproject.content_profile_ospp42 becomes ospp42
575137
575137 
 STABLE_PROFILE_IDS = {
575137 
-    "FEDORA": ["standard"],
575137 
+    "FEDORA": ["standard", "ospp", "pci-dss"],
575137 
     "RHEL-6": ["C2S", "CS2", "CSCF-RHEL6-MLS", "fisma-medium-rhel6-server",
575137 
                "pci-dss", "rht-ccp", "stig-rhel6-disa", "usgcb-rhel6-server"],
575137 
     "RHEL-7": ["C2S", "cjis", "hipaa", "nist-800-171-cui", "rht-ccp",
575137 
                "ospp", "ospp42", "pci-dss", "stig-rhel7-disa"],
575137 
+    "RHEL-8": ["ospp", "pci-dss"],
575137 
 }
575137
575137 
+
575137 
+BENCHMARK_TO_FILE_STEM = {
575137 
+    "FEDORA": "fedora",
575137 
+    "RHEL-6": "rhel6",
575137 
+    "RHEL-7": "rhel7",
575137 
+    "RHEL-8": "rhel8",
575137 
+}
575137 
+
575137 
+
575137 
 BENCHMARK_ID_PREFIX = "xccdf_org.ssgproject.content_benchmark_"
575137 
 PROFILE_ID_PREFIX = "xccdf_org.ssgproject.content_profile_"
575137
575137 
@@ -40,7 +50,7 @@ def parse_args():
575137 
     return p.parse_args()
575137
575137
575137 
-def gather_profiles_from_datastream(path, profiles_per_benchmark):
575137 
+def gather_profiles_from_datastream(path, build_dir, profiles_per_benchmark):
575137 
     input_tree = ssg.xml.ElementTree.parse(path)
575137 
     benchmarks = ssg.xccdf.get_benchmark_id_title_map(input_tree)
575137 
     if len(benchmarks) == 0:
575137 
@@ -53,6 +63,10 @@ def gather_profiles_from_datastream(path, profiles_per_benchmark):
575137 
         input_tree, benchmarks)
575137
575137 
     for bench_id, profile_id, title in benchmark_profile_pairs:
575137 
+        bench_short_id = bench_id[len(BENCHMARK_ID_PREFIX):]
575137 
+        if respective_datastream_absent(bench_short_id, build_dir):
575137 
+            continue
575137 
+
575137 
         if not bench_id.startswith(BENCHMARK_ID_PREFIX):
575137 
             raise RuntimeError("Expected benchmark ID '%s' from '%s' to be "
575137 
                                "prefixed with '%s'."
575137 
@@ -68,30 +82,49 @@ def gather_profiles_from_datastream(path, profiles_per_benchmark):
575137 
                                "prefixed with '%s'."
575137 
                                % (profile_id, path, PROFILE_ID_PREFIX))
575137
575137 
-        bench_id = bench_id[len(BENCHMARK_ID_PREFIX):]
575137 
         profile_id = profile_id[len(PROFILE_ID_PREFIX):]
575137
575137 
-        profiles_per_benchmark[bench_id].append(profile_id)
575137 
+        profiles_per_benchmark[bench_short_id].append(profile_id)
575137
575137
575137 
-def main():
575137 
-    args = parse_args()
575137 
+def respective_datastream_absent(bench_id, build_dir):
575137 
+    if bench_id not in BENCHMARK_TO_FILE_STEM:
575137 
+        return True
575137 
+
575137 
+    datastream_filename = "ssg-{stem}-ds.xml".format(stem=BENCHMARK_TO_FILE_STEM[bench_id])
575137 
+    datastream_path = os.path.join(build_dir, datastream_filename)
575137 
+    if not os.path.isfile(datastream_path):
575137 
+        return True
575137 
+    else:
575137 
+        return False
575137
575137 
+
575137 
+def check_build_dir(build_dir):
575137 
     profiles_per_benchmark = defaultdict(list)
575137 
-    for path in glob.glob(os.path.join(args.build_dir, "ssg-*-ds.xml")):
575137 
-        gather_profiles_from_datastream(path, profiles_per_benchmark)
575137 
+    for path in glob.glob(os.path.join(build_dir, "ssg-*-ds.xml")):
575137 
+        gather_profiles_from_datastream(path, build_dir, profiles_per_benchmark)
575137
575137 
-    for bench_id in STABLE_PROFILE_IDS.keys():
575137 
-        if bench_id not in profiles_per_benchmark:
575137 
-            raise RuntimeError("Benchmark of shortened ID '%s' was not found "
575137 
-                               "within any of the datastreams!" % (bench_id))
575137 
+    for bench_short_id in STABLE_PROFILE_IDS.keys():
575137 
+        if respective_datastream_absent(bench_short_id, build_dir):
575137 
+            continue
575137
575137 
-        for profile_id in STABLE_PROFILE_IDS[bench_id]:
575137 
-            if profile_id not in profiles_per_benchmark[bench_id]:
575137 
+        if bench_short_id not in profiles_per_benchmark:
575137 
+            raise RuntimeError("Expected benchmark ID '%s' has to be "
575137 
+                               "prefixed with '%s'."
575137 
+                               % (bench_short_id, BENCHMARK_ID_PREFIX))
575137 
+
575137 
+        for profile_id in STABLE_PROFILE_IDS[bench_short_id]:
575137 
+            if profile_id not in profiles_per_benchmark[bench_short_id]:
575137 
                 raise RuntimeError("Profile '%s' is required to be in the "
575137 
                                    "'%s' benchmark. It is a stable profile "
575137 
                                    "that can't be renamed or removed!"
575137 
-                                   % (profile_id, bench_id))
575137 
+                                   % (profile_id, bench_short_id))
575137 
+
575137 
+
575137 
+def main():
575137 
+    args = parse_args()
575137 
+
575137 
+    check_build_dir(args.build_dir)
575137
575137
575137 
 if __name__ == "__main__":

Powered by Pagure 5.14.1

SSH Hostkey/Fingerprint | Documentation