-
Notifications
You must be signed in to change notification settings - Fork 7
New issue
Have a question about this project? Sign up for a free GitHub account to open an issue and contact its maintainers and the community.
By clicking “Sign up for GitHub”, you agree to our terms of service and privacy statement. We’ll occasionally send you account related emails.
Already on GitHub? Sign in to your account
Make no-remediation waivers explicit #86
Comments
Actually, we can use |
Well, |
Well, I've spent a few hours trying to make def import_wildcard(directory):
"""
Import all python modules under a specific directory,
return a SimpleNamespace containing all the modules.
"""
ns = types.SimpleNamespace()
for mod_data in pkgutil.iter_modules([directory]):
_, name, _ = mod_data
mod = importlib.import_module(f'.{name}')
setattr(ns, name, mod)
return ns and while we could probably hack something together using Honestly, it might be better to just pass We would also avoid the duality of def has_no_remediation(*, rule=None, test=None):
"""
Return True if a specified rule, as either given directly by name (rule arg)
or parsed from a test / result name (test arg).
Return False otherwise.
""" and could leave it for rule name only (in code) and have the waivers-visible |
Unfortunately, there's no So let's drop this issue. Some work done: d77c42a , and the problem of having 2 sources of truth (waivers) is still valid, but the solution may be worse than the problem. Not to mention how much more difficult to solve it would make #87 . |
Currently, there's a special piece of code that looks up failures in the scanned result set, and if a failure resulted from a rule that has no remediation, it automatically changes
fail
towarn
:https://github.com/RHSecurityCompliance/contest/blob/364b17e50/lib/oscap.py#L92-L94
Let's make this explicit by a single waiver rule:
lib
directly, or if we need__init__.py
lib
into the list of globals available to waiversThis turns
into
The text was updated successfully, but these errors were encountered: