CCI Information is blank in CKL output

[ljkimmel]

It seems that the latest CKL schema requires that each CCI reference be in its own <STIG_DATA> element and NOT be represented as an array (using brackets ([])).

That is:

<STIG_DATA>
          <VULN_ATTRIBUTE>CCI_REF</VULN_ATTRIBUTE>
          <ATTRIBUTE_DATA>["CCI-000044", "CCI-002236", "CCI-002237", "CCI-002238"]</ATTRIBUTE_DATA>
</STIG_DATA>

Must be:

<STIG_DATA>
          <VULN_ATTRIBUTE>CCI_REF</VULN_ATTRIBUTE>
          <ATTRIBUTE_DATA>CCI-000044</ATTRIBUTE_DATA>
</STIG_DATA>
<STIG_DATA>
          <VULN_ATTRIBUTE>CCI_REF</VULN_ATTRIBUTE>
          <ATTRIBUTE_DATA>CCI-002236</ATTRIBUTE_DATA>
</STIG_DATA>
<STIG_DATA>
          <VULN_ATTRIBUTE>CCI_REF</VULN_ATTRIBUTE>
          <ATTRIBUTE_DATA>CCI-002237</ATTRIBUTE_DATA>
</STIG_DATA>
<STIG_DATA>
          <VULN_ATTRIBUTE>CCI_REF</VULN_ATTRIBUTE>
          <ATTRIBUTE_DATA>CCI-002238</ATTRIBUTE_DATA>
</STIG_DATA>

AND:

<STIG_DATA>
          <VULN_ATTRIBUTE>CCI_REF</VULN_ATTRIBUTE>
          <ATTRIBUTE_DATA>["CCI-002238"]</ATTRIBUTE_DATA>
</STIG_DATA>

Must be:

<STIG_DATA>
          <VULN_ATTRIBUTE>CCI_REF</VULN_ATTRIBUTE>
          <ATTRIBUTE_DATA>CCI-002238</ATTRIBUTE_DATA>
</STIG_DATA>

[aaronlippold]

This could be related to #131

[Bialogs]

How do you know this? The current iteration after I fixed #131 validates with the latest schema (in the the test/schema folder.

[ljkimmel]

I had converted an Inspec scan to CKL using inspec2ckl. I then took that CKL and imported into STIG Viewer (2.10). I noticed that there was no CCI information even though there was a section heading for it.

I then used the latest RHEL STIG to generate a CKL which had the CCI information populated. I compared the raw XML files and noticed that the working one had the CCIs broken out individually. I manually modified the inspec2ckl-generated file to separate the CCIs into individual elements and then reimported into STIG Viewer. At this time the CCI information is displayed.