openscap/SOURCES/openscap-1.3.6-PR-1749-blueprint-fix.patch

From 5f0a9033b466d929613a2a55a1524ec75c09b5b0 Mon Sep 17 00:00:00 2001
From: Evgeny Kolesnikov <ekolesni@redhat.com>
Date: Thu, 6 May 2021 08:14:12 +0200
Subject: [PATCH] Introduce OSBuild Blueprint fix type

---
 utils/oscap-xccdf.c | 7 +++++--
 utils/oscap.8       | 2 +-
 xsl/xccdf-share.xsl | 1 +
 3 files changed, 7 insertions(+), 3 deletions(-)

diff --git a/utils/oscap-xccdf.c b/utils/oscap-xccdf.c
index 95c1c7658d..801e54fa35 100644
--- a/utils/oscap-xccdf.c
+++ b/utils/oscap-xccdf.c
@@ -275,7 +275,8 @@ static struct oscap_module XCCDF_GEN_FIX = {
     .usage = "[options] xccdf-file.xml",
     .help = GEN_OPTS
         "\nFix Options:\n"
-		"   --fix-type <type>             - Fix type. Should be one of: bash, ansible, puppet, anaconda (default: bash).\n"
+		"   --fix-type <type>             - Fix type. Should be one of: bash, ansible, puppet, anaconda, ignition, kubernetes,\n"
+		"                                   blueprint (default: bash).\n"
 		"   --output <file>               - Write the script into file.\n"
 		"   --result-id <id>              - Fixes will be generated for failed rule-results of the specified TestResult.\n"
 		"   --template <id|filename>      - Fix template. (default: bash)\n"
@@ -887,10 +888,12 @@ int app_generate_fix(const struct oscap_action *action)
 			template = "urn:xccdf:fix:script:ignition";
 		} else if (strcmp(action->fix_type, "kubernetes") == 0) {
 			template = "urn:xccdf:fix:script:kubernetes";
+		} else if (strcmp(action->fix_type, "blueprint") == 0) {
+			template = "urn:redhat:osbuild:blueprint";
 		} else {
 			fprintf(stderr,
 					"Unknown fix type '%s'.\n"
-					"Please provide one of: bash, ansible, puppet, anaconda, ignition, kubernetes.\n"
+					"Please provide one of: bash, ansible, puppet, anaconda, ignition, kubernetes, blueprint.\n"
 					"Or provide a custom template using '--template' instead.\n",
 					action->fix_type);
 			return OSCAP_ERROR;
diff --git a/utils/oscap.8 b/utils/oscap.8
index 240b829d7b..6cae0ffe8a 100644
--- a/utils/oscap.8
+++ b/utils/oscap.8
@@ -395,7 +395,7 @@ Result-oriented fixes are generated using result-id provided to select only the
 Profile-oriented fixes are generated using all rules within the provided profile. If no result-id/profile are provided, (default) profile will be used to generate fixes.
 .TP
 \fB\-\-fix-type TYPE\fR
-Specify fix type. There are multiple programming languages in which the fix script can be generated. TYPE should be one of: bash, ansible, puppet, anaconda, ignition, kubernetes. Default is bash. This option is mutually exclusive with --template, because fix type already determines the template URN.
+Specify fix type. There are multiple programming languages in which the fix script can be generated. TYPE should be one of: bash, ansible, puppet, anaconda, ignition, kubernetes, blueprint. Default is bash. This option is mutually exclusive with --template, because fix type already determines the template URN.
 .TP
 \fB\-\-output FILE\fR
 Write the report to this file instead of standard output.
diff --git a/xsl/xccdf-share.xsl b/xsl/xccdf-share.xsl
index 9f8e587676..d7a9f3b7e2 100644
--- a/xsl/xccdf-share.xsl
+++ b/xsl/xccdf-share.xsl
@@ -295,6 +295,7 @@ Authors:
             <xsl:when test="$fix/@system = 'urn:xccdf:fix:script:puppet'">Puppet snippet</xsl:when>
             <xsl:when test="$fix/@system = 'urn:redhat:anaconda:pre'">Anaconda snippet</xsl:when>
             <xsl:when test="$fix/@system = 'urn:xccdf:fix:script:kubernetes'">Kubernetes snippet</xsl:when>
+            <xsl:when test="$fix/@system = 'urn:redhat:osbuild:blueprint'">OSBuild Blueprint snippet</xsl:when>
             <xsl:otherwise>script</xsl:otherwise>
         </xsl:choose>
     </xsl:variable>