Skip to content
New issue

Have a question about this project? Sign up for a free GitHub account to open an issue and contact its maintainers and the community.

By clicking “Sign up for GitHub”, you agree to our terms of service and privacy statement. We’ll occasionally send you account related emails.

Already on GitHub? Sign in to your account

Merge branch maint-1.3 to main #2192

Merged
merged 13 commits into from
Jan 7, 2025
Merged

Conversation

jan-cerny
Copy link
Member

This will bring the latest changes done in maint-1.3 branch to main branch, including the oscap-im tool updates.

mrkanon and others added 13 commits November 8, 2024 16:58
This change will cause automatic building of COPR builds after
committing to `maint-1.3` branch. The `maint-1.3` branch isn't the
project default branch. Without specifying the branch, Packit builds
after committing only to the project's default branch, which is the
`main` branch at this moment. The `maint-1.3` branch used to be default
branch, but after we switched the default branch to main, the COPR
builds on maint-1.3 stopped to be built.

Related documentation:
https://packit.dev/docs/configuration/upstream/copr_build
Build COPR builds for maint-1.3
The current configuration makes build Fedora builds on commit to the
maint-1.3 branch.
https://copr.fedorainfracloud.org/coprs/packit/OpenSCAP-openscap-maint-1.3/
But, we wanted to have CentOS Stream builds instead.
Request CentOS Stream builds explicitly
Update bug report link in openscap_api.py
The script is updated to first verify that it runs in a bootable
container environment - `bootc` package must be installed and
`/run/.containerenv` file must exist which indicates we are running
inside a container. If it is not running inside a bootable container
environment it informs user and exits.

Another change is that installation of `openscap-engine-sce`
package has been moved from specfile into the script as the
script already installs other requirements which are needed
by SCE checks from CaC/content.
After we added SCE checks to ComplianceAsCode data streams we discovered
that the oscap info output is appalling because it's polluted by all the
SCE check information. In this commit, we will address this problem by
removing SCE checks from the "Referenced check files:" section. Then, we
will completely remove the "Checks:" and "Dictionaries:" sections
because they only list crefs and crefs are internal data stream
identifiers that noone should be interested in.
…dencies

Update oscap-bootc to verify it runs in bootable container env
This commit renames the `oscap-bootc` tool to `oscap-im`. IM stands for
Image Mode. The `bootc` is just one of the tools that participate on the
Image Mode Operating System experience, therefore, it's more appropriate
to use Image Mode than bootc in the tooling naming. It should be safe to
rename it now because the `oscap-bootc` hasn't been released in upstream
nor in downstream.
@pep8speaks
Copy link

Hello @jan-cerny! Thanks for opening this PR. We checked the lines you've touched for PEP 8 issues, and found:

Line 814:100: E501 line too long (108 > 99 characters)
Line 835:100: E501 line too long (115 > 99 characters)
Line 844:100: E501 line too long (115 > 99 characters)

@evgenyz evgenyz merged commit 3ef3f34 into OpenSCAP:main Jan 7, 2025
17 checks passed
Sign up for free to join this conversation on GitHub. Already have an account? Sign in to comment
Labels
None yet
Projects
None yet
Development

Successfully merging this pull request may close these issues.

5 participants