Modification of the OVAL linker to use the OVAL object model

[Honny1]

Description:

This PR modifies the OVAL linker to use the OVAL object model. Using the model reduces the complexity of the OVAL linker and checks are performed on the OVAL object model side.

Review Hints:

To check the functionality of the changes, you can build content using ./build_product.

[openshift-ci]

Skipping CI for Draft Pull Request.
If you want CI signal for your change, please convert it to an actual PR.
You can still manually trigger a test run with /test all

[github-actions]

Start a new ephemeral environment with changes proposed in this pull request:

Fedora Environment

Oracle Linux 8 Environment

[jan-cerny]

There are frequent typos in commit messages. Try to use spellcheck in vim before committing. Also, the commit messages should be more detailed.

I appreciate that the reformatting change is a separate commit. But, as I expressed in one of your previous PRs, I think that even if the style updates surely make the code better, they also make the diff larger and therefore the PR becomes harder to review. The reviewers when they see the diff they need to evaluate if the change is a code style change or actual behavior change. Next time, please don't do style updates unless necessary or requested by Code Climate.

Next thing is about the first commit (Add transalate methode for OVAL ovject model). I'm sorry if I misunderstood it, but It seems that it introduces a method that calls a method that doesn't exist and is added later. That should be done in opposite order. Keep in mind the general rule for committing: Every commit has to build and pass the tests. Sometimes it might be hard to follow this rule, but you should at least conceptually strive to.

The generation of OVAL files need to be split out to a separate pull request. The modification of the linked OVAL is already a large change. Adding the generation feature within the same PR makes the PR too complex.

Regarding the generation of OVAL files, I'm quite puzzled that there still exists the build/${product}/checks/oval directory with some files there. I think that the OVAL files generated from the object model would be a replacement for these files.

[Honny1]

/test all

[Honny1]

@jan-cerny I fixed the issues you mentioned in your comment. Let's discuss the generation of OVAL documents for each rule in PR #11291.

[jan-cerny]

@Honny1

Thanks for the update and I like that the second feature has been split out to the new PR and I also like the commits are now more practical.

I think that the large fail of all profiles tests in CI is caused by mysterious disappearing of all check-export elements from the built XCCDF. grep check-export build/ssg-rhel9-xccdf.xml returns nothing. I have seen you have modified add_missing_check_exports so please take a look.

[Honny1]

@jan-cerny CI is not failing. I hope everything will work as expected.

[jan-cerny]

I have seen that values of ref_id attributes if reference elements within definition elements in OVAL changed from the short rule ID to a OVAL definition ID. For example, <oval-def:reference ref_id="configure_tmux_lock_after_time" source="ssg"/> changed to <oval-def:reference ref_id="oval:ssg-configure_tmux_lock_after_time:def:1" source="ssg"/> Please revert these attributes back. It's pointless to for an element to reference its own direct parent.

[Honny1]

@jan-cerny The attribute in the reference element has been corrected.

[codeclimate]

Code Climate has analyzed commit 105bd84 and detected 0 issues on this pull request.

The test coverage on the diff in this pull request is 61.9% (50% is the threshold).

This pull request will bring the total coverage in the repository to 58.5%.

View more on Code Climate.

[jan-cerny]

I think this a great step towards simplification of the build process.

I have built the RHEL 9 content and compared the OVALs and DSs of this PR and of master branch. I haven't noticed any significant difference and I haven't experienced any performance impact.