204 lines
6.8 KiB
Diff
204 lines
6.8 KiB
Diff
From 7c0b04c157374e9251360d1d5e12a9e00dd4375e Mon Sep 17 00:00:00 2001
|
|
From: Watson Sato <wsato@redhat.com>
|
|
Date: Fri, 4 Sep 2020 09:50:54 +0200
|
|
Subject: [PATCH 1/3] Introduce platform_package_overrides
|
|
|
|
Introduce a mapping of CPE package platform name to a package name.
|
|
|
|
Each linux distro or version may have its specific name for a package,
|
|
this mapping allows a product to override the package name of a
|
|
platorm.
|
|
|
|
By default, it assumes that the package name will be the same as the
|
|
platform name.
|
|
---
|
|
rhel8/product.yml | 7 +++++++
|
|
ssg/build_remediations.py | 3 +++
|
|
2 files changed, 10 insertions(+)
|
|
|
|
diff --git a/rhel8/product.yml b/rhel8/product.yml
|
|
index 6cdc51919e..6b5b4e2748 100644
|
|
--- a/rhel8/product.yml
|
|
+++ b/rhel8/product.yml
|
|
@@ -18,3 +18,10 @@ aux_pkg_version: "d4082792"
|
|
|
|
release_key_fingerprint: "567E347AD0044ADE55BA8A5F199E2F91FD431D51"
|
|
auxiliary_key_fingerprint: "6A6AA7C97C8890AEC6AEBFE2F76F66C3D4082792"
|
|
+
|
|
+# Mapping of CPE platform to package
|
|
+platform_package_overrides:
|
|
+ grub2: "grub2-pc"
|
|
+ login_defs: "shadow-utils"
|
|
+ sssd: "sssd-common"
|
|
+ zipl: "s390x-utils"
|
|
diff --git a/ssg/build_remediations.py b/ssg/build_remediations.py
|
|
index 866450dd8c..ccbdf9fc1f 100644
|
|
--- a/ssg/build_remediations.py
|
|
+++ b/ssg/build_remediations.py
|
|
@@ -389,6 +389,9 @@ def update_when_from_rule(self, to_update):
|
|
if "package_facts" in to_update:
|
|
continue
|
|
|
|
+ if platform in self.local_env_yaml["platform_package_overrides"]:
|
|
+ platform = self.local_env_yaml["platform_package_overrides"].get(platform)
|
|
+
|
|
additional_when.append('"' + platform + '" in ansible_facts.packages')
|
|
# After adding the conditional, we need to make sure package_facts are collected.
|
|
# This is done via inject_package_facts_task()
|
|
|
|
From 10dc62084cf8e38be9189b527c3b99b545826091 Mon Sep 17 00:00:00 2001
|
|
From: Watson Sato <wsato@redhat.com>
|
|
Date: Fri, 4 Sep 2020 14:42:57 +0200
|
|
Subject: [PATCH 2/3] Move platform to cpe mappings to ssg/constants
|
|
|
|
---
|
|
rhel8/product.yml | 6 ------
|
|
ssg/constants.py | 8 ++++++++
|
|
2 files changed, 8 insertions(+), 6 deletions(-)
|
|
|
|
diff --git a/rhel8/product.yml b/rhel8/product.yml
|
|
index 6b5b4e2748..d839b23231 100644
|
|
--- a/rhel8/product.yml
|
|
+++ b/rhel8/product.yml
|
|
@@ -19,9 +19,3 @@ aux_pkg_version: "d4082792"
|
|
release_key_fingerprint: "567E347AD0044ADE55BA8A5F199E2F91FD431D51"
|
|
auxiliary_key_fingerprint: "6A6AA7C97C8890AEC6AEBFE2F76F66C3D4082792"
|
|
|
|
-# Mapping of CPE platform to package
|
|
-platform_package_overrides:
|
|
- grub2: "grub2-pc"
|
|
- login_defs: "shadow-utils"
|
|
- sssd: "sssd-common"
|
|
- zipl: "s390x-utils"
|
|
diff --git a/ssg/constants.py b/ssg/constants.py
|
|
index 3f9d7d37ce..7e9678241c 100644
|
|
--- a/ssg/constants.py
|
|
+++ b/ssg/constants.py
|
|
@@ -501,6 +501,14 @@
|
|
"zipl": "cpe:/a:zipl",
|
|
}
|
|
|
|
+# Default platform to package mapping
|
|
+XCCDF_PLATFORM_TO_PACKAGE = {
|
|
+ "grub2": "grub2-pc",
|
|
+ "login_defs": "login",
|
|
+ "sssd": "sssd-common",
|
|
+ "zipl": "s390x-utils",
|
|
+}
|
|
+
|
|
# _version_name_map = {
|
|
MAKEFILE_ID_TO_PRODUCT_MAP = {
|
|
'chromium': 'Google Chromium Browser',
|
|
|
|
From feb012f06adae989138be15431020f2c174becc4 Mon Sep 17 00:00:00 2001
|
|
From: Watson Sato <wsato@redhat.com>
|
|
Date: Fri, 4 Sep 2020 14:47:29 +0200
|
|
Subject: [PATCH 3/3] Allow override of default platform package mapping
|
|
|
|
With default platform to package mappings defined, we need to allow a
|
|
product to override it if needed.
|
|
---
|
|
rhel6/product.yml | 4 ++++
|
|
rhel7/product.yml | 4 ++++
|
|
rhel8/product.yml | 3 +++
|
|
rhosp10/product.yml | 3 +++
|
|
rhosp13/product.yml | 4 ++++
|
|
rhv4/product.yml | 4 ++++
|
|
ssg/yaml.py | 6 +++++-
|
|
8 files changed, 31 insertions(+), 1 deletion(-)
|
|
|
|
diff --git a/rhel6/product.yml b/rhel6/product.yml
|
|
index cc8fa4f8ed..eab9b80c47 100644
|
|
--- a/rhel6/product.yml
|
|
+++ b/rhel6/product.yml
|
|
@@ -20,3 +20,7 @@ aux_pkg_version: "2fa658e0"
|
|
|
|
release_key_fingerprint: "567E347AD0044ADE55BA8A5F199E2F91FD431D51"
|
|
auxiliary_key_fingerprint: "43A6E49C4A38F4BE9ABF2A5345689C882FA658E0"
|
|
+
|
|
+# Mapping of CPE platform to package
|
|
+platform_package_overrides:
|
|
+ login_defs: "shadow-utils"
|
|
diff --git a/rhel7/product.yml b/rhel7/product.yml
|
|
index f03c928b8f..3ff996b8cc 100644
|
|
--- a/rhel7/product.yml
|
|
+++ b/rhel7/product.yml
|
|
@@ -18,3 +18,7 @@ aux_pkg_version: "2fa658e0"
|
|
|
|
release_key_fingerprint: "567E347AD0044ADE55BA8A5F199E2F91FD431D51"
|
|
auxiliary_key_fingerprint: "43A6E49C4A38F4BE9ABF2A5345689C882FA658E0"
|
|
+
|
|
+# Mapping of CPE platform to package
|
|
+platform_package_overrides:
|
|
+ login_defs: "shadow-utils"
|
|
diff --git a/rhel8/product.yml b/rhel8/product.yml
|
|
index d839b23231..f3aa59faec 100644
|
|
--- a/rhel8/product.yml
|
|
+++ b/rhel8/product.yml
|
|
@@ -19,3 +19,6 @@ aux_pkg_version: "d4082792"
|
|
release_key_fingerprint: "567E347AD0044ADE55BA8A5F199E2F91FD431D51"
|
|
auxiliary_key_fingerprint: "6A6AA7C97C8890AEC6AEBFE2F76F66C3D4082792"
|
|
|
|
+# Mapping of CPE platform to package
|
|
+platform_package_overrides:
|
|
+ login_defs: "shadow-utils"
|
|
diff --git a/rhosp10/product.yml b/rhosp10/product.yml
|
|
index 51d0a932a5..af42ca998d 100644
|
|
--- a/rhosp10/product.yml
|
|
+++ b/rhosp10/product.yml
|
|
@@ -10,3 +10,6 @@ pkg_manager: "yum"
|
|
|
|
init_system: "systemd"
|
|
|
|
+# Mapping of CPE platform to package
|
|
+platform_package_overrides:
|
|
+ login_defs: "shadow-utils"
|
|
diff --git a/rhosp13/product.yml b/rhosp13/product.yml
|
|
index 5e849ff609..ba42a31cd7 100644
|
|
--- a/rhosp13/product.yml
|
|
+++ b/rhosp13/product.yml
|
|
@@ -9,3 +9,7 @@ profiles_root: "./profiles"
|
|
pkg_manager: "yum"
|
|
|
|
init_system: "systemd"
|
|
+
|
|
+# Mapping of CPE platform to package
|
|
+platform_package_overrides:
|
|
+ login_defs: "shadow-utils"
|
|
diff --git a/rhv4/product.yml b/rhv4/product.yml
|
|
index 10a2eda079..a61bf1588d 100644
|
|
--- a/rhv4/product.yml
|
|
+++ b/rhv4/product.yml
|
|
@@ -18,3 +18,7 @@ aux_pkg_version: "d4082792"
|
|
|
|
release_key_fingerprint: "567E347AD0044ADE55BA8A5F199E2F91FD431D51"
|
|
auxiliary_key_fingerprint: "6A6AA7C97C8890AEC6AEBFE2F76F66C3D4082792"
|
|
+
|
|
+# Mapping of CPE platform to package
|
|
+platform_package_overrides:
|
|
+ login_defs: "shadow-utils"
|
|
diff --git a/ssg/yaml.py b/ssg/yaml.py
|
|
index cefbba374c..22cf5bad66 100644
|
|
--- a/ssg/yaml.py
|
|
+++ b/ssg/yaml.py
|
|
@@ -10,7 +10,8 @@
|
|
|
|
from .jinja import load_macros, process_file
|
|
from .constants import (PKG_MANAGER_TO_SYSTEM,
|
|
- PKG_MANAGER_TO_CONFIG_FILE)
|
|
+ PKG_MANAGER_TO_CONFIG_FILE,
|
|
+ XCCDF_PLATFORM_TO_PACKAGE)
|
|
from .constants import DEFAULT_UID_MIN
|
|
|
|
try:
|
|
@@ -138,6 +139,9 @@ def open_raw(yaml_file):
|
|
|
|
def open_environment(build_config_yaml, product_yaml):
|
|
contents = open_raw(build_config_yaml)
|
|
+ # Load common platform package mappings,
|
|
+ # any specific mapping in product_yaml will override the default
|
|
+ contents["platform_package_overrides"] = XCCDF_PLATFORM_TO_PACKAGE
|
|
contents.update(open_raw(product_yaml))
|
|
contents.update(_get_implied_properties(contents))
|
|
return contents
|