Add AlmaLinux OS 9 as a product #12808
Conversation
Abandoned using two products in favour of one product plus specific controls for the STIG, vendor support, minor versions, FIPS etc. Makes CIS and CPE's easier with less duplication.
|
Hi @sej7278. Thanks for your PR. I'm waiting for a ComplianceAsCode member to verify that this patch is reasonable to test. If it is, they should reply with Once the patch is verified, the new status will be reflected by the I understand the commands that are listed here. Instructions for interacting with me using PR comments are available here. If you have questions or suggestions related to my behavior, please file an issue against the kubernetes-sigs/prow repository. |
|
Start a new ephemeral environment with changes proposed in this pull request: Fedora Environment Oracle Linux 8 Environment |
jan-cerny
changed the title
|
Code Climate has analyzed commit a1a6204 and detected 0 issues on this pull request. The test coverage on the diff in this pull request is 100.0% (50% is the threshold). This pull request will bring the total coverage in the repository to 61.8% (0.0% change). View more on Code Climate. |
| @@ -0,0 +1,11 @@ | |||
| documentation_complete: true | |||
|
|
|||
| title: 'Standard System Security Profile for AlmaLinux OS 9' | |||
There was a problem hiding this comment.
With only one rule I'm not sure its worth shipping this profile. You plan extending this profile in future that's fine, I would mark it as documentation_complete: false so it doesn't end up on the release artifacts.
There was a problem hiding this comment.
ok sure, this is due to lack of understanding of what the standard profile is, i've set it to false for now
|
@sej7278 Please remove the "Merge" commits from this PR. PRs that contain "Merge" commits can't be merged. |
|
Moved to #12810 as i accidentally deleted the branch when trying to flatten the merges! |
Description:
Adds AlmaLinux OS 9 as a new product.
Would appreciate a review to see if this is sufficient to add the new product or to identify any remaining work that may be needed. It certainly builds the standard+CIS guides just fine.
Rationale:
As discussed on #12757 it would be good to add AlmaLinux OS 9 as a new product rather than a RHEL 9 derivative, as they do differ - most notably their STIG's.
As the FIPS/STIG stuff for AlmaLinux is commercial via TuxCare and only support specific minor versions, it makes sense to have a base product for community-compatible major version profiles like CIS benchmarks, that we can add control files to for use with the commercial profiles.