Test only the largest superset of rules for a given profile type

[comps]

An idea by @mildas - we could significantly reduce our testing matrix if we tested only

• anssi_bp28_enhanced
  • instead of all of enhanced , high , intermediary , minimal
• ccn_advanced
  • instead of all of advanced , intermediate, minimal
• maybe something with CIS and (not) testing all levels and server/workstation ?

It isn't 100% coverage as the profiles might theoretically have different variables, so a profile with the largest set of rules might still behave differently within the subset of rules of a smaller profile, ... but I think that's a reasonable trade-off for the significant testing matrix reduction.

[mildas]

List of multi-level profiles where higher levels inherit from lower ones:

• ANSSI
  • 4 levels - high, enhanced, intermediary, and minimal
  • high is the superset of other levels as it inherits from enhanced (enhanced interits from intermediary and so on) - https://github.com/ComplianceAsCode/content/blob/master/controls/anssi.yml#L6
• CIS
  • 2 variants (server and workstation) and each has 2 levels (cis_server_l1, cis (==Server Level 2), cis_workstation_l1, and cis_workstation_l2)
  • there is no connection between variants, however Levels 2 inherit from Level 1 (cis is superset of cis_server_l1, cis_workstation_l2 is superset of cis_workstation_l1) - https://github.com/ComplianceAsCode/content/blob/master/controls/cis_rhel8.yml#L7 or https://github.com/ComplianceAsCode/content/blob/master/controls/cis_rhel9.yml#L7
• CCN
  • 3 levels - advanced, intermediate, and basic
  • similarly to ANSSI, advanced is superset of other levels and inherints from intermediate. intermediate inherits from basic - https://github.com/ComplianceAsCode/content/blob/master/controls/ccn_rhel9.yml
• E8/ISM
  • In RHEL8 and RHEL9, ISM is superset of E8 profile
  • In RHEL10, ISM is not implemented as extension of E8