65 lines
3.7 KiB
Diff
65 lines
3.7 KiB
Diff
|
From 5f0a9033b466d929613a2a55a1524ec75c09b5b0 Mon Sep 17 00:00:00 2001
|
||
|
From: Evgeny Kolesnikov <ekolesni@redhat.com>
|
||
|
Date: Thu, 6 May 2021 08:14:12 +0200
|
||
|
Subject: [PATCH] Introduce OSBuild Blueprint fix type
|
||
|
|
||
|
---
|
||
|
utils/oscap-xccdf.c | 7 +++++--
|
||
|
utils/oscap.8 | 2 +-
|
||
|
xsl/xccdf-share.xsl | 1 +
|
||
|
3 files changed, 7 insertions(+), 3 deletions(-)
|
||
|
|
||
|
diff --git a/utils/oscap-xccdf.c b/utils/oscap-xccdf.c
|
||
|
index 95c1c7658d..801e54fa35 100644
|
||
|
--- a/utils/oscap-xccdf.c
|
||
|
+++ b/utils/oscap-xccdf.c
|
||
|
@@ -275,7 +275,8 @@ static struct oscap_module XCCDF_GEN_FIX = {
|
||
|
.usage = "[options] xccdf-file.xml",
|
||
|
.help = GEN_OPTS
|
||
|
"\nFix Options:\n"
|
||
|
- " --fix-type <type> - Fix type. Should be one of: bash, ansible, puppet, anaconda (default: bash).\n"
|
||
|
+ " --fix-type <type> - Fix type. Should be one of: bash, ansible, puppet, anaconda, ignition, kubernetes,\n"
|
||
|
+ " blueprint (default: bash).\n"
|
||
|
" --output <file> - Write the script into file.\n"
|
||
|
" --result-id <id> - Fixes will be generated for failed rule-results of the specified TestResult.\n"
|
||
|
" --template <id|filename> - Fix template. (default: bash)\n"
|
||
|
@@ -887,10 +888,12 @@ int app_generate_fix(const struct oscap_action *action)
|
||
|
template = "urn:xccdf:fix:script:ignition";
|
||
|
} else if (strcmp(action->fix_type, "kubernetes") == 0) {
|
||
|
template = "urn:xccdf:fix:script:kubernetes";
|
||
|
+ } else if (strcmp(action->fix_type, "blueprint") == 0) {
|
||
|
+ template = "urn:redhat:osbuild:blueprint";
|
||
|
} else {
|
||
|
fprintf(stderr,
|
||
|
"Unknown fix type '%s'.\n"
|
||
|
- "Please provide one of: bash, ansible, puppet, anaconda, ignition, kubernetes.\n"
|
||
|
+ "Please provide one of: bash, ansible, puppet, anaconda, ignition, kubernetes, blueprint.\n"
|
||
|
"Or provide a custom template using '--template' instead.\n",
|
||
|
action->fix_type);
|
||
|
return OSCAP_ERROR;
|
||
|
diff --git a/utils/oscap.8 b/utils/oscap.8
|
||
|
index 240b829d7b..6cae0ffe8a 100644
|
||
|
--- a/utils/oscap.8
|
||
|
+++ b/utils/oscap.8
|
||
|
@@ -395,7 +395,7 @@ Result-oriented fixes are generated using result-id provided to select only the
|
||
|
Profile-oriented fixes are generated using all rules within the provided profile. If no result-id/profile are provided, (default) profile will be used to generate fixes.
|
||
|
.TP
|
||
|
\fB\-\-fix-type TYPE\fR
|
||
|
-Specify fix type. There are multiple programming languages in which the fix script can be generated. TYPE should be one of: bash, ansible, puppet, anaconda, ignition, kubernetes. Default is bash. This option is mutually exclusive with --template, because fix type already determines the template URN.
|
||
|
+Specify fix type. There are multiple programming languages in which the fix script can be generated. TYPE should be one of: bash, ansible, puppet, anaconda, ignition, kubernetes, blueprint. Default is bash. This option is mutually exclusive with --template, because fix type already determines the template URN.
|
||
|
.TP
|
||
|
\fB\-\-output FILE\fR
|
||
|
Write the report to this file instead of standard output.
|
||
|
diff --git a/xsl/xccdf-share.xsl b/xsl/xccdf-share.xsl
|
||
|
index 9f8e587676..d7a9f3b7e2 100644
|
||
|
--- a/xsl/xccdf-share.xsl
|
||
|
+++ b/xsl/xccdf-share.xsl
|
||
|
@@ -295,6 +295,7 @@ Authors:
|
||
|
<xsl:when test="$fix/@system = 'urn:xccdf:fix:script:puppet'">Puppet snippet</xsl:when>
|
||
|
<xsl:when test="$fix/@system = 'urn:redhat:anaconda:pre'">Anaconda snippet</xsl:when>
|
||
|
<xsl:when test="$fix/@system = 'urn:xccdf:fix:script:kubernetes'">Kubernetes snippet</xsl:when>
|
||
|
+ <xsl:when test="$fix/@system = 'urn:redhat:osbuild:blueprint'">OSBuild Blueprint snippet</xsl:when>
|
||
|
<xsl:otherwise>script</xsl:otherwise>
|
||
|
</xsl:choose>
|
||
|
</xsl:variable>
|