From f14698b53d1c536506cb975ac4c88adbd88472b0 Mon Sep 17 00:00:00 2001 From: =?UTF-8?q?Jan=20=C4=8Cern=C3=BD?= Date: Thu, 31 Oct 2024 08:47:48 +0100 Subject: [PATCH 1/3] Move data stream component references SCE checks are checks, they aren't checklists. Therefore, `component-ref` elements pointing to components containing SCE checks shouldn't be children of `checklists` element but they should be children of `checks` element. This change fixes this error message that is produced when running the `oscap info` command on the built data stream: OpenSCAP Error: Internal error: Could not acquire handle to 'scap_org.open-scap_cref_rhel9-checks-sce-timer_dnf-automatic_enabled.sh' source. [/builddir/build/BUILD/openscap-1.4.0/src/DS/ds_sds_session.c:233] --- build-scripts/compose_ds.py | 6 +++--- 1 file changed, 3 insertions(+), 3 deletions(-) diff --git a/build-scripts/compose_ds.py b/build-scripts/compose_ds.py index cd3970ffa9e..42d0dfea9f8 100755 --- a/build-scripts/compose_ds.py +++ b/build-scripts/compose_ds.py @@ -33,7 +33,7 @@ def mangle_path(path): # From the list generated by collect_sce_checks, extract the path to the check content, # and embed the script into the data stream -def embed_sce_checks_in_datastream(datastreamtree, checklists, sce_files, build_dir): +def embed_sce_checks_in_datastream(datastreamtree, checklists, checks, sce_files, build_dir): for file in sce_files: path = os.path.join(build_dir, file) mangled_path = mangle_path(file) @@ -55,7 +55,7 @@ def embed_sce_checks_in_datastream(datastreamtree, checklists, sce_files, build_ # Create a component reference to map the checklist to the extended component component_ref_id = "scap_{}_cref_{}".format(ID_NS, mangled_path) component_ref = ET.SubElement( - checklists, '{%s}component-ref' % datastream_namespace, + checks, '{%s}component-ref' % datastream_namespace, attrib={ 'id': component_ref_id, ('{%s}href' % xlink_namespace): '#' + component_id @@ -260,7 +260,7 @@ def compose_ds( add_component(ds_collection, checks, cpe_oval_file_name) if sce_enabled: sce_check_files = collect_sce_checks(ds_collection) - embed_sce_checks_in_datastream(ds_collection, checklists, sce_check_files, build_dir) + embed_sce_checks_in_datastream(ds_collection, checklists, checks, sce_check_files, build_dir) if hasattr(ET, "indent"): ET.indent(ds_collection, space=" ", level=0) From 3066540bdb4ea78c913f0f7733f81abb638d788c Mon Sep 17 00:00:00 2001 From: =?UTF-8?q?Jan=20=C4=8Cern=C3=BD?= Date: Thu, 31 Oct 2024 09:37:37 +0100 Subject: [PATCH 2/3] Fix Code Climate problem --- build-scripts/compose_ds.py | 6 +++--- 1 file changed, 3 insertions(+), 3 deletions(-) diff --git a/build-scripts/compose_ds.py b/build-scripts/compose_ds.py index 42d0dfea9f8..6826be50c94 100755 --- a/build-scripts/compose_ds.py +++ b/build-scripts/compose_ds.py @@ -33,7 +33,8 @@ def mangle_path(path): # From the list generated by collect_sce_checks, extract the path to the check content, # and embed the script into the data stream -def embed_sce_checks_in_datastream(datastreamtree, checklists, checks, sce_files, build_dir): +def embed_sce_checks_in_datastream(datastreamtree, checklists, checks, build_dir): + sce_files = collect_sce_checks(datastreamtree) for file in sce_files: path = os.path.join(build_dir, file) mangled_path = mangle_path(file) @@ -259,8 +260,7 @@ def compose_ds( add_component(ds_collection, checks, ocil_file_name) add_component(ds_collection, checks, cpe_oval_file_name) if sce_enabled: - sce_check_files = collect_sce_checks(ds_collection) - embed_sce_checks_in_datastream(ds_collection, checklists, checks, sce_check_files, build_dir) + embed_sce_checks_in_datastream(ds_collection, checklists, checks, build_dir) if hasattr(ET, "indent"): ET.indent(ds_collection, space=" ", level=0) From 678adf74c7600d7c7401f207226a01db0bffb119 Mon Sep 17 00:00:00 2001 From: =?UTF-8?q?Jan=20=C4=8Cern=C3=BD?= Date: Thu, 31 Oct 2024 14:00:28 +0100 Subject: [PATCH 3/3] Fix test_ds_sce.py The SCE checks should be listed in `checks` element, not in `checklists` element, because SCE checks are checks, not checklists. --- tests/test_ds_sce.py | 2 +- 1 file changed, 1 insertion(+), 1 deletion(-) diff --git a/tests/test_ds_sce.py b/tests/test_ds_sce.py index d6c25cfa70a..fcf908051d6 100644 --- a/tests/test_ds_sce.py +++ b/tests/test_ds_sce.py @@ -11,7 +11,7 @@ def verify_file(ds, catalog_uris, file, build_dir): component_ref = ds.find(str.format( - ".//{{{ds_ns}}}checklists/{{{ds_ns}}}component-ref[@id='{cid}']", + ".//{{{ds_ns}}}checks/{{{ds_ns}}}component-ref[@id='{cid}']", ds_ns=datastream_namespace, cid=catalog_uris[file] ))