Skip to content
New issue

Have a question about this project? Sign up for a free GitHub account to open an issue and contact its maintainers and the community.

Sign up for GitHub

By clicking “Sign up for GitHub”, you agree to our terms of service and privacy statement. We’ll occasionally send you account related emails.

Already on GitHub? Sign in to your account

Jump to bottom

Add ocp4 pci dss references #12309

Merged
merged 8 commits into from
Aug 30, 2024
Merged

Add ocp4 pci dss references #12309

merged 8 commits into from
Aug 30, 2024

Commits on Aug 27, 2024

  1. Remove ocp4 rule from rhel control 

    The audit_profile_set rule is an OCP rule, and is not necessary in this
control file.
Also, this rules is already selected in the pcidss_4_ocp4 control file,
and breaks the auto referencing feature
    @yuumasato
    yuumasato committed Aug 27, 2024
    Configuration menu
    Copy the full SHA
    4838606 View commit details
    Browse the repository at this point in the history

  2. Add pcidss4 reference to OCP4 control 

    Let's auto ref the PCI-DSS v4.0 rules
    @yuumasato
    yuumasato committed Aug 27, 2024
    Configuration menu
    Copy the full SHA
    9de4d0f View commit details
    Browse the repository at this point in the history

  3. Update version-less PCI-DSS profile to v4.0

    @yuumasato
    yuumasato committed Aug 27, 2024
    Configuration menu
    Copy the full SHA
    9d92335 View commit details
    Browse the repository at this point in the history

  4. Update PCI-DSS platform profile filters 

    New platforms for node were added and these profiles were not updated
to exclude these new node platforms.
    @yuumasato
    yuumasato committed Aug 27, 2024
    Configuration menu
    Copy the full SHA
    c2a587c View commit details
    Browse the repository at this point in the history

  5. Expand control processing to 'all' key 

    Allow a control to extend all controls of a policy with 'all' key.
    @yuumasato
    yuumasato committed Aug 27, 2024
    Configuration menu
    Copy the full SHA
    dba80db View commit details
    Browse the repository at this point in the history

  6. Add the references to the selected rules 

    Change Control.add_references() to iterate over the selected rules, not
the listed rules.

There can be differences on the rules in 'selected' and 'rules'.
When the Control is resolved, the final list of selected rules is in
'selected'.
This is particularly more evident when we are importing other controls.
    @yuumasato
    yuumasato committed Aug 27, 2024
    Configuration menu
    Copy the full SHA
    e0e795e View commit details
    Browse the repository at this point in the history

  7. Import OCP4 CIS rather than extending it 

    When a profile extends another one, the rules on the extended profile
are not auto referenced.
This patch importa the CIS into PCI-DSS, allowing the CIS rules to have
PCI-DSS added automatically.
    @yuumasato
    yuumasato committed Aug 27, 2024
    Configuration menu
    Copy the full SHA
    7d982e8 View commit details
    Browse the repository at this point in the history

  8. Add test for imports of 'all' controls 

    Test import of all controls of a specific level.
    @yuumasato
    yuumasato committed Aug 27, 2024
    Configuration menu
    Copy the full SHA
    4d8484e View commit details
    Browse the repository at this point in the history