Draft: Update test (!107) · Merge requests · GitLab.org / software-supply-chain-security / Compliance Group / Compliance Engineering / cis / CIS GitLab Benchmark Scanner

Neil McDonald requested to merge nmcd-main-patch-02a8 into main Nov 18, 2024

Requester

Requester Checklist

If this change modifies benchmark functions:
- The function:
  - Name matches the name of the yaml recommendation
  - Returns a dict containing:
    - True or False (if the check passed/failed)
    - None for skipped checks
    - a str with the reason why (e.g. {None: 'This check requires validation'})
  - The docstring contains the id and title of the recommendation to check
- Limitations:
  - Any limitations for the function are added to docs/limitations.md
If this change modifies recommendations:
- Ensure approval from CODEOWNERS is obtained
All unit tests pass before requesting review
This merge request's title matches the prefixes allowed in .commitlintrc
Remove Draft phase from the MR

Reviewer Checklist

If this change modifies benchmark functions:
- The function(s) satisfy the recommendation (see the audit section in the yaml file)
  - i.e. does this function address the recommendation benchmark check
This merge request's title matches the prefixes allowed in .commitlintrc
All tests have passed successfully

To validate changes to benchmark functions for this merge request, follow the below:

validation steps

Clone the repo:

git clone git@gitlab.com:gitlab-com/gl-security/security-operations/sirt/automation/cis-benchmark-scanner.git
cd cis-benchmark-scanner

Checkout into the merge request branch:

git checkout $branchRequestingToMerge

Install the version in the merge request:

make install

Validate the function(s) against a project:

gitlabcis https://gitlab.example.com/path/to/project

To test a single benchmark functon:

gitlabcis https://gitlab.example.com/path/to/project \
    -ids 1.1.1