WIP2

ComplianceAsCode · Dec 18, 2023 · 75976e2 · 75976e2
1 parent f7a66a0
commit 75976e2
Show file tree

Hide file tree

Showing 4 changed files with 29 additions and 3 deletions.
diff --git a/build-scripts/compile_all.py b/build-scripts/compile_all.py
@@ -125,18 +125,25 @@ def main():
     parser = create_parser()
     args = parser.parse_args()
 
+    project_root_abspath = os.path.abspath(args.project_root)
+
     env_yaml = get_env_yaml(args.build_config_yaml, args.product_yaml)
     product_yaml = ssg.products.Product(args.product_yaml)
+
     product_cpes = ProductCPEs()
     product_cpes.load_product_cpes(env_yaml)
+    # Rules in the same benchmark_root might have a product CPE set as
+    # a platform and could be shared between all the products.
+    for extra_product_yaml in ssg.products.get_all_products_with_same_guide_directory(
+                                           project_root_abspath, product_yaml):
+        product_cpes.load_product_cpes(extra_product_yaml)
     product_cpes.load_content_cpes(env_yaml)
 
     loader = ssg.build_yaml.BuildLoader(
         None, env_yaml, product_cpes, args.sce_metadata, args.stig_references)
     loader.load_components()
     load_benchmark_source_data_from_directory_tree(loader, env_yaml, product_yaml)
 
-    project_root_abspath = os.path.abspath(args.project_root)
     controls_dir = os.path.join(project_root_abspath, "controls")
 
     existing_rules = find_existing_rules(project_root_abspath)

diff --git a/shared/applicability/oval/installed_app_is_eks.xml b/shared/applicability/oval/installed_app_is_eks.xml
@@ -4,7 +4,8 @@
     <metadata>
       <title>Amazon Elastic Kubernetes Service</title>
       <affected family="unix">
-        <platform>Amazon Elastic Kubernetes Service</platform>
+        <platform>multi_platform_eks</platform>
+        <platform>multi_platform_ocp</platform>
       </affected>
       <reference ref_id="cpe:/a:amazon:elastic_kubernetes_service:1" source="CPE" />
       <description>The application installed installed on the system is EKS.</description>

diff --git a/shared/applicability/oval/installed_app_is_eks_node.xml b/shared/applicability/oval/installed_app_is_eks_node.xml
@@ -3,7 +3,8 @@
     <metadata>
       <title>Amazon Elastic Kubernetes Service Node</title>
       <affected family="unix">
-        <platform>Amazon Elastic Kubernetes Service Node</platform>
+        <platform>multi_platform_eks</platform>
+        <platform>multi_platform_ocp</platform>
       </affected>
       <reference ref_id="cpe:/o:amazon:elastic_kubernetes_service_node:1" source="CPE" />
       <description>The application installed installed on the system is EKS 4.</description>

diff --git a/ssg/products.py b/ssg/products.py
@@ -215,6 +215,23 @@ def get_all(ssg_root):
     return products(linux_products, other_products)
 
 
+def get_all_product_yamls(ssg_root):
+    for product in product_directories:
+        path = product_yaml_path(ssg_root, product)
+        product_yaml = load_product_yaml(path)
+        yield product, product_yaml
+
+
+def get_all_products_with_same_guide_directory(ssg_root, product_yaml):
+    for extra_product_id, extra_product_yaml in get_all_product_yamls(ssg_root):
+        guide_dir = os.path.join(product_yaml["product_dir"], product_yaml['benchmark_root'])
+        extra_guide_dir = os.path.join(extra_product_yaml["product_dir"],
+                                       extra_product_yaml['benchmark_root'])
+        if os.path.abspath(guide_dir) == os.path.abspath(extra_guide_dir):
+            if extra_product_id != product_yaml["product"]:
+                yield extra_product_yaml
+
+
 def get_profiles_directory(env_yaml):
     profiles_root = None
     if env_yaml: