-
Notifications
You must be signed in to change notification settings - Fork 698
New issue
Have a question about this project? Sign up for a free GitHub account to open an issue and contact its maintainers and the community.
By clicking “Sign up for GitHub”, you agree to our terms of service and privacy statement. We’ll occasionally send you account related emails.
Already on GitHub? Sign in to your account
CMP 2417: Implement PCI-DSS v4.0 outline for OpenShift #11651
Conversation
🤖 A k8s content image for this PR is available at: Click here to see how to deploy itIf you alread have Compliance Operator deployed: Otherwise deploy the content and operator together by checking out ComplianceAsCode/compliance-operator and: |
Code Climate has analyzed commit c2bc50e and detected 0 issues on this pull request. The test coverage on the diff in this pull request is 100.0% (50% is the threshold). This pull request will bring the total coverage in the repository to 59.8% (0.0% change). View more on Code Climate. |
/hold for review |
Additional note for reviews is that this should generate an empty profile, where we can come through later and fill in the rules. |
Verification passed with 4.16.0-0.nightly-2024-03-06-174829 + compliance-operator code
Scenario 2: upstream-ocp4-pci-dss-node-4-0
Scenario 3: upstream-ocp4-pci-dss-4-0 and upstream-ocp4-pci-dss-node-4-0
Scenario 4: Verify version
|
/unhold |
@Vincent056 should be ready for another look. |
There was a problem hiding this comment.
Choose a reason for hiding this comment
The reason will be displayed to describe this comment to others. Learn more.
The content in the controls look fine.
I just have a few remarks on the control ID and levels.
It seems to me that the policy doesn't clearly define levels, and they were not used in the 3.2.1 profiles.
Note for reviewers
While this change is large, it's broken down into sections per commit. It may be easier to review on a per commit basis.