search

simp / inspec-profile-disa_stig-el7

InSpec Profile for the EL7 DISA STIG
Apache License 2.0
22 stars 46 forks source link

Deprecated tests & Adding missing tests from RHEL7 STIG v2r4 #142

Closed HackerShark closed 3 years ago

HackerShark commented 4 years ago

Merging in PR #114 and #113

Pulled in latest updates from Master of Simp. Rebased depracatedTests with Simp master. Merged updates. Resolved all merge conflicts. Cleaned up controls. Made various fixes.

trevor-vaughan commented 4 years ago

@aaronlippold Looks like we're still having an issue, do you know what might be causing this?

https://travis-ci.org/github/simp/inspec-profile-disa_stig-el7/jobs/658905934#L1472

aaronlippold commented 4 years ago

It looks like a parsing issue of the outcoming JSON file. The only change they made to the JSON structure was when they added the waivers data.

On Wed, Mar 11, 2020, 9:52 AM Trevor Vaughan notifications@github.com wrote:

@aaronlippold https://github.com/aaronlippold Looks like we're still having an issue, do you know what might be causing this?

https://travis-ci.org/github/simp/inspec-profile-disa_stig-el7/jobs/658905934#L1472

— You are receiving this because you were mentioned. Reply to this email directly, view it on GitHub https://github.com/simp/inspec-profile-disa_stig-el7/pull/142#issuecomment-597647246, or unsubscribe https://github.com/notifications/unsubscribe-auth/AALK42CCIVBVPIQVH2VG24TRG6JRXANCNFSM4LBLDKIQ .

trevor-vaughan commented 4 years ago

I ran the test without these updates on a different repo and didn't have any issues so I think it's something related to this change but there's not really enough to go on.

trevor-vaughan commented 4 years ago

Oh, this is an issue with running the inspec command. Nothing has touched the JSON yet.

trevor-vaughan commented 4 years ago

I see that inspec is now running but we're not getting a report. Can you see if there is any valid output coming from this new data set?

trevor-vaughan commented 4 years ago

There seems to still be something wrong:

[root@el7 inspec]# inspec exec inspec_profiles/CentOS-7-disa_stig/CentOS-7-disa_stig --chef-license accept
Unable to parse inspec.yml: line 437, did not find expected key while parsing a block mapping
trevor-vaughan commented 4 years ago

This identified a bug in simp-beaker-helpers which was not providing adequate reporting when inspec failed.

Fixed in https://github.com/simp/rubygem-simp-beaker-helpers/pull/121 and will be released soon

op-ct commented 3 years ago

For anyone tracking this PR: simp/rubygem-simp-beaker-helpers#121 was released on April 07.

However, we've recently migrated our org's Travis CI from travis-ci.org to travis-ci.com, so restarting the previous Travis PR checks to pick up the new gems won't clear the failed travis-ci.org checks (and we can't get rid of them).

As a workaround: you can push up trivial change to the PR, which will prompt all CI PR checks rerun on the new commit from scratch.

trevor-vaughan commented 3 years ago

Closing. Maintenance has been moved to https://github.com/mitre/redhat-enterprise-linux-7-stig-baseline