Skip to content
New issue

Have a question about this project? Sign up for a free GitHub account to open an issue and contact its maintainers and the community.

Sign up for GitHub

By clicking “Sign up for GitHub”, you agree to our terms of service and privacy statement. We’ll occasionally send you account related emails.

Already on GitHub? Sign in to your account

Jump to bottom

Introduce bootc remediation type #2166

Merged
merged 3 commits into from
Oct 22, 2024
Merged

Introduce bootc remediation type #2166

merged 3 commits into from
Oct 22, 2024

Conversation

jan-cerny
Copy link
Member

@jan-cerny jan-cerny commented Oct 11, 2024
edited
Loading

This PR introduces support for new remediation type "bootc".

Remediations of this type will be generated only internally by the future oscap-bootc script. They aren't supposed to be generated by any user.

The format of this remediation will be similar to "kickstart" remediation. However, only package installation and removal will be supported and different keywords will be used. Currently supported commands:

  • dnf install package_name
  • dnf remove package_name

Having a new remediation type instead of reusing "kickstart" will help us create SCAP content specific for the needs of bootable containers.

This PR is strongly connected to this PR: ComplianceAsCode/content#12497

github-advanced-security[bot]
github-advanced-security bot found potential problems Oct 11, 2024
View reviewed changes
src/XCCDF_POLICY/xccdf_policy.c Dismissed Show dismissed Hide dismissed
@jan-cerny jan-cerny added the Image Mode Bootable containers and Image Mode RHEL label Oct 15, 2024
@jan-cerny jan-cerny changed the title [do not merge] bootc + sce Introduce bootc remediation type Oct 15, 2024
@jan-cerny jan-cerny mentioned this pull request Oct 15, 2024
Merged
@jan-cerny
Rename "package" keyword to "dnf"
4b6d0f2 
This will allow us in future to extend the code to support remediations
for systems where a different package manager than "dnf" is used.
@jan-cerny jan-cerny added this to the 1.3.11 milestone Oct 17, 2024
@jan-cerny jan-cerny marked this pull request as ready for review October 17, 2024 13:15
@matusmarhefka matusmarhefka self-assigned this Oct 22, 2024
@matusmarhefka matusmarhefka merged commit 93e6ee3 into OpenSCAP:maint-1.3 Oct 22, 2024
10 checks passed
Sign up for free to join this conversation on GitHub. Already have an account? Sign in to comment
Reviewers

@matusmarhefka matusmarhefka matusmarhefka approved these changes

Assignees

@matusmarhefka matusmarhefka

Labels
Image Mode Bootable containers and Image Mode RHEL
Projects
None yet
Milestone
1.3.11
Development

Successfully merging this pull request may close these issues.
2 participants
@jan-cerny @matusmarhefka