From 5f0a9033b466d929613a2a55a1524ec75c09b5b0 Mon Sep 17 00:00:00 2001

From: Evgeny Kolesnikov <ekolesni@redhat.com>

Date: Thu, 6 May 2021 08:14:12 +0200

Subject: [PATCH] Introduce OSBuild Blueprint fix type

---

 utils/oscap-xccdf.c | 7 +++++--

 utils/oscap.8       | 2 +-

 xsl/xccdf-share.xsl | 1 +

 3 files changed, 7 insertions(+), 3 deletions(-)

diff --git a/utils/oscap-xccdf.c b/utils/oscap-xccdf.c

index 95c1c7658d..801e54fa35 100644

--- a/utils/oscap-xccdf.c

+++ b/utils/oscap-xccdf.c

@@ -275,7 +275,8 @@ static struct oscap_module XCCDF_GEN_FIX = {

     .usage = "[options] xccdf-file.xml",

     .help = GEN_OPTS

         "\nFix Options:\n"

-		"   --fix-type <type>             - Fix type. Should be one of: bash, ansible, puppet, anaconda (default: bash).\n"

+		"   --fix-type <type>             - Fix type. Should be one of: bash, ansible, puppet, anaconda, ignition, kubernetes,\n"

+		"                                   blueprint (default: bash).\n"

 		"   --output <file>               - Write the script into file.\n"

 		"   --result-id <id>              - Fixes will be generated for failed rule-results of the specified TestResult.\n"

 		"   --template <id|filename>      - Fix template. (default: bash)\n"

@@ -887,10 +888,12 @@ int app_generate_fix(const struct oscap_action *action)

 			template = "urn:xccdf:fix:script:ignition";

 		} else if (strcmp(action->fix_type, "kubernetes") == 0) {

 			template = "urn:xccdf:fix:script:kubernetes";

+		} else if (strcmp(action->fix_type, "blueprint") == 0) {

+			template = "urn:redhat:osbuild:blueprint";

 		} else {

 			fprintf(stderr,

 					"Unknown fix type '%s'.\n"

-					"Please provide one of: bash, ansible, puppet, anaconda, ignition, kubernetes.\n"

+					"Please provide one of: bash, ansible, puppet, anaconda, ignition, kubernetes, blueprint.\n"

 					"Or provide a custom template using '--template' instead.\n",

 					action->fix_type);

 			return OSCAP_ERROR;

diff --git a/utils/oscap.8 b/utils/oscap.8

index 240b829d7b..6cae0ffe8a 100644

--- a/utils/oscap.8

+++ b/utils/oscap.8

@@ -395,7 +395,7 @@ Result-oriented fixes are generated using result-id provided to select only the

 Profile-oriented fixes are generated using all rules within the provided profile. If no result-id/profile are provided, (default) profile will be used to generate fixes.

 .TP

 \fB\-\-fix-type TYPE\fR

-Specify fix type. There are multiple programming languages in which the fix script can be generated. TYPE should be one of: bash, ansible, puppet, anaconda, ignition, kubernetes. Default is bash. This option is mutually exclusive with --template, because fix type already determines the template URN.

+Specify fix type. There are multiple programming languages in which the fix script can be generated. TYPE should be one of: bash, ansible, puppet, anaconda, ignition, kubernetes, blueprint. Default is bash. This option is mutually exclusive with --template, because fix type already determines the template URN.

 .TP

 \fB\-\-output FILE\fR

 Write the report to this file instead of standard output.

diff --git a/xsl/xccdf-share.xsl b/xsl/xccdf-share.xsl

index 9f8e587676..d7a9f3b7e2 100644

--- a/xsl/xccdf-share.xsl

+++ b/xsl/xccdf-share.xsl

@@ -295,6 +295,7 @@ Authors:

             <xsl:when test="$fix/@system = 'urn:xccdf:fix:script:puppet'">Puppet snippet</xsl:when>

             <xsl:when test="$fix/@system = 'urn:redhat:anaconda:pre'">Anaconda snippet</xsl:when>

             <xsl:when test="$fix/@system = 'urn:xccdf:fix:script:kubernetes'">Kubernetes snippet</xsl:when>

+            <xsl:when test="$fix/@system = 'urn:redhat:osbuild:blueprint'">OSBuild Blueprint snippet</xsl:when>

             <xsl:otherwise>script</xsl:otherwise>

         </xsl:choose>

     </xsl:variable>