Add Amazon Linux 2 support #12087
Add Amazon Linux 2 support #12087
Conversation
This changes applies 0001-Add-Amazon-Linux-2-derivative.patch. This patch was extracted from the following package, distributed as part of Amazon Linux 2: scap-security-guide-0.1.40-12.amzn2.0.1.1.src.rpm
This changes applies 0001-Add-cpe-definitions-and-oval-checks-for-AMZN2.patch. This patch was extracted from the following package, distributed as part of Amazon Linux 2: scap-security-guide-0.1.40-12.amzn2.0.1.1.src.rpm
|
Hi @0intro. Thanks for your PR. I'm waiting for a ComplianceAsCode member to verify that this patch is reasonable to test. If it is, they should reply with Once the patch is verified, the new status will be reflected by the I understand the commands that are listed here. Instructions for interacting with me using PR comments are available here. If you have questions or suggestions related to my behavior, please file an issue against the kubernetes-sigs/prow repository. |
|
Start a new ephemeral environment with changes proposed in this pull request: Fedora Environment Oracle Linux 8 Environment |
|
🤖 A k8s content image for this PR is available at: Click here to see how to deploy itIf you alread have Compliance Operator deployed: Otherwise deploy the content and operator together by checking out ComplianceAsCode/compliance-operator and: |
|
Code Climate has analyzed commit c483d4a and detected 2 issues on this pull request. Here's the issue category breakdown:
The test coverage on the diff in this pull request is 100.0% (50% is the threshold). This pull request will bring the total coverage in the repository to 59.4% (0.0% change). View more on Code Climate. |
|
I think that creating a new derivative out of RHEL 7 content would be problematic because RHEL 7 is approaching end of maintenance this week and there is a request to remove RHEL 7 content from this project soon, see #12044. I think that a better approach would be to create a new standalone product. That would avoid the collision with the planned RHEL 7 removal. |
|
PR needs rebase. Instructions for interacting with me using PR comments are available here. If you have questions or suggestions related to my behavior, please file an issue against the kubernetes-sigs/prow repository. |
|
With RHEL 7 being removed this PR will need to be rewritten to make Amazon Linux 2 as a standalone product. |
|
ping |
|
Thanks for opening this PR. I believe that opening a new PR and adding Amazon Linux 2 as a standalone product would better than reusing this PR. Please reach in the discussions here on GitHub or Gitter if have any questions. |
Description:
This PR adds Amazon Linux 2 support.
This series of changes is based on the Amazon Linux 2 support, available as part of the
scap-security-guide-0.1.40-12.amzn2.0.1.1.src.rpmpackage (2019-04-19), distributed as part of Amazon Linux 2.scap-security-guide-0.1.40-12.amzn2.0.1.1.src.rpmpackage, but rebased on the current version of ComplianceAsCode:0001-Add-Amazon-Linux-2-derivative.patch0001-Add-cpe-definitions-and-oval-checks-for-AMZN2.patchenable_derivatives.pyscript to use the same profiles as RHEL 7, since Amazon Linux 2 is very close to RHEL 7. For example theCIS_Amazon_Linux_2_Benchmark_v3.0.0.pdfdocument is an extract subset of theCIS_Red_Hat_Enterprise_Linux_7_Benchmark_v3.1.1.pdfdocument.The Amazon Linux 2 support was originally based on ComplianceAsCode 0.1.40 (2018-07-25), but the changes have been rebased on the current version of ComplianceAsCode.
Rationale:
This PR adds supports for Amazon Linux 2, a Linux distribution, rebranded from Red Hat Linux 7, which is widely used on AWS.
The approach I chose was to implement Amazon Linux 2 as a derivative of RHEL 7, since the systems are very close. For example, the CIS Amazon Linux 2 Benchmark is a subset of CIS Red Hat Linux 7 Benchmark.