From 2e8fc0bbce4c550e5aad40472d3eda4f9857966a Mon Sep 17 00:00:00 2001 From: Steven Pritchard Date: Mon, 25 Nov 2024 09:47:25 -0600 Subject: [PATCH] Fix use of legacy facts Also ensure we're testing against latest upstream modules. Fixes #116 --- .fixtures.yml | 4 +-- CHANGELOG | 3 ++ SIMP/compliance_profiles/checks.yaml | 28 +++++++++---------- metadata.json | 2 +- .../compliance/01_simp_profile_inspec_spec.rb | 2 +- .../compliance/10_stig_profile_oscap_spec.rb | 2 +- 6 files changed, 21 insertions(+), 20 deletions(-) diff --git a/.fixtures.yml b/.fixtures.yml index 0dc1202..a0d5ab1 100644 --- a/.fixtures.yml +++ b/.fixtures.yml @@ -14,9 +14,7 @@ fixtures: rsyslog: https://github.com/simp/pupmod-simp-rsyslog.git simplib: https://github.com/simp/pupmod-simp-simplib.git stdlib: https://github.com/simp/puppetlabs-stdlib.git - systemd: - repo: https://github.com/simp/puppet-systemd.git - branch: simp-master + systemd: https://github.com/simp/puppet-systemd.git disa_stig-el7-baseline: repo: https://github.com/simp/inspec-profile-disa_stig-el7.git branch: master diff --git a/CHANGELOG b/CHANGELOG index 46b64b2..cb876db 100644 --- a/CHANGELOG +++ b/CHANGELOG @@ -1,3 +1,6 @@ +* Mon Nov 25 2024 Steven Pritchard - 6.12.1 +- Fix use of legacy facts + * Fri Sep 13 2024 Steven Pritchard - 6.12.0 - [puppetsync] Update module dependencies to support simp-iptables 7.x diff --git a/SIMP/compliance_profiles/checks.yaml b/SIMP/compliance_profiles/checks.yaml index 38d77e6..b49cf8c 100644 --- a/SIMP/compliance_profiles/checks.yaml +++ b/SIMP/compliance_profiles/checks.yaml @@ -92,7 +92,7 @@ checks: - SI-7:3 - SI-7:8 confine: - osfamily: RedHat + os.family: RedHat oval:com.puppet.forge.simp.aide.aliases.el7: settings: parameter: aide::aliases @@ -120,8 +120,8 @@ checks: - SRG-OS-000480-GPOS-00227 - CCI-000366 confine: - osfamily: RedHat - operatingsystemmajrelease: '7' + os.family: RedHat + os.release.major: '7' oval:com.puppet.forge.simp.aide.aliases.el8: settings: parameter: aide::aliases @@ -146,8 +146,8 @@ checks: - SRG-OS-000480-GPOS-00227 - CCI-000366 confine: - osfamily: RedHat - operatingsystemmajrelease: '8' + os.family: RedHat + os.release.major: '8' oval:com.puppet.forge.simp.aide.enable: settings: parameter: aide::enable @@ -162,7 +162,7 @@ checks: - CCI-001744 - SRG-OS-000363-GPOS-00150 confine: - osfamily: RedHat + os.family: RedHat oval:com.puppet.forge.simp.aide.cron_command: settings: parameter: aide::cron_command @@ -177,7 +177,7 @@ checks: - CCI-001744 - SRG-OS-000363-GPOS-00150 confine: - osfamily: RedHat + os.family: RedHat oval:com.puppet.forge.simp.aide.cron_method: settings: parameter: aide::cron_method @@ -192,7 +192,7 @@ checks: - CCI-001744 - SRG-OS-000363-GPOS-00150 confine: - osfamily: RedHat + os.family: RedHat oval:com.puppet.forge.simp.aide.hour: settings: parameter: aide::hour @@ -207,8 +207,8 @@ checks: - CCI-001744 - SRG-OS-000363-GPOS-00150 confine: - osfamily: RedHat - operatingsystemmajrelease: '7' + os.family: RedHat + os.release.major: '7' oval-ids: - xccdf_org:ssgproject:content_rule_aide_periodic_cron_checking - aide_periodic_cron_checking @@ -226,8 +226,8 @@ checks: - CCI-001744 - SRG-OS-000363-GPOS-00150 confine: - osfamily: RedHat - operatingsystemmajrelease: '7' + os.family: RedHat + os.release.major: '7' oval-ids: - xccdf_org:ssgproject:content_rule_aide_periodic_cron_checking - aide_periodic_cron_checking @@ -245,8 +245,8 @@ checks: - CCI-001744 - SRG-OS-000363-GPOS-00150 confine: - osfamily: RedHat - operatingsystemmajrelease: '7' + os.family: RedHat + os.release.major: '7' oval-ids: - xccdf_org:ssgproject:content_rule_aide_periodic_cron_checking - aide_periodic_cron_checking diff --git a/metadata.json b/metadata.json index e93bc55..10b3abd 100644 --- a/metadata.json +++ b/metadata.json @@ -1,6 +1,6 @@ { "name": "simp-aide", - "version": "6.12.0", + "version": "6.12.1", "author": "SIMP Team", "summary": "manages AIDE", "license": "Apache-2.0", diff --git a/spec/acceptance/suites/compliance/01_simp_profile_inspec_spec.rb b/spec/acceptance/suites/compliance/01_simp_profile_inspec_spec.rb index 2bd5476..ebf3188 100644 --- a/spec/acceptance/suites/compliance/01_simp_profile_inspec_spec.rb +++ b/spec/acceptance/suites/compliance/01_simp_profile_inspec_spec.rb @@ -14,7 +14,7 @@ profile_path = File.join( fixtures_path, 'inspec_profiles', - "#{fact_on(host, 'operatingsystem')}-#{fact_on(host, 'operatingsystemmajrelease')}-#{profile}" + "#{fact_on(host, 'os.name')}-#{fact_on(host, 'os.release.major')}-#{profile}" ) unless File.exist?(profile_path) diff --git a/spec/acceptance/suites/compliance/10_stig_profile_oscap_spec.rb b/spec/acceptance/suites/compliance/10_stig_profile_oscap_spec.rb index 1a3e2a5..3808dee 100644 --- a/spec/acceptance/suites/compliance/10_stig_profile_oscap_spec.rb +++ b/spec/acceptance/suites/compliance/10_stig_profile_oscap_spec.rb @@ -7,7 +7,7 @@ hosts.each do |host| context "on #{host}" do before(:all) do - @os_str = fact_on(host, 'operatingsystem') + ' ' + fact_on(host, 'operatingsystemrelease') + @os_str = fact_on(host, 'os.name') + ' ' + fact_on(host, 'os.release.full') @ssg_supported = true