ComplianceAsCode / content

Security automation content in SCAP, Bash, Ansible, and other formats
https://complianceascode.readthedocs.io/en/latest/
Other

Change rule platforms - Part 2: Groups of system #12502

Closed jan-cerny closed 1 month ago

jan-cerny commented 1 month ago

Many rules currently marked with the machine platform should be applicable also to bootable containers. The reason is that often these rules check configuration that should be applied if the bootable container is deployed and booted on a real system. The applicability of these rules needs to be extended by marking them with the system_with_kernel platform instead.

We change the platforms carefully; we don't perform a blind mass platform replacement because not every rule that is currently marked as machine should be applicable to bootable containers. For example, partition rules should be evaluated as "not applicable" when scanning a bootable container.

For more details, please read the commit messages of all commits.

Review hints

For normal (non-bootable) containers, run a scan and verify that the rules affected by this change are still evaluated as notapplicable as they were before this change. For example: sudo oscap-podman centos:stream9 xccdf eval --profile stig --report /tmp/report.html build/ssg-cs9-ds.xml

github-actions[bot] commented 1 month ago

Start a new ephemeral environment with changes proposed in this pull request:

Fedora Environment Open in Gitpod

Oracle Linux 8 Environment Open in Gitpod

codeclimate[bot] commented 1 month ago

Code Climate has analyzed commit 8a8e636e and detected 0 issues on this pull request.

The test coverage on the diff in this pull request is 100.0% (50% is the threshold).

This pull request will bring the total coverage in the repository to 61.0% (0.0% change).

View more on Code Climate.