Merge branch 'master' into container-help

matusmarhefka · web-flow · commit 64d72c9bf7c8 · 2017-11-07T14:13:55.000+01:00
diff --git a/container/install.sh b/container/install.sh
@@ -3,12 +3,14 @@
 ETC='/etc/oscapd'
 ETC_FILE='config.ini'
 HOST='/host'
+SELF=$1
 
 echo ""
 echo "Installing the configuration file 'openscap' into /etc/atomic.d/.  You can now use this scanner with atomic scan with the --scanner openscap command-line option.  You can also set 'openscap' as the default scanner in /etc/atomic.conf.  To list the scanners you have configured for your system, use 'atomic scan --list'."
 
 echo ""
 cp /root/openscap /host/etc/atomic.d/
+sed -i "s|\$IMAGE_NAME|${SELF}|" /host/etc/atomic.d/openscap
 
 SCRIPTS="/etc/atomic.d/scripts/"
 echo ""
diff --git a/container/openscap b/container/openscap
@@ -1,6 +1,6 @@
 type: scanner
 scanner_name: openscap
-image_name: openscap
+image_name: $IMAGE_NAME
 default_scan: cve
 custom_args: ['-v', '/etc/oscapd:/etc/oscapd:ro']
 remediation_script: '/etc/atomic.d/scripts/remediate.py'
diff --git a/generate-dockerfile.py b/generate-dockerfile.py
@@ -12,7 +12,7 @@
     ("io.k8s.display-name", "OpenSCAP"),
     ("io.k8s.description", "OpenSCAP is an auditing tool that utilizes the Extensible Configuration Checklist Description Format (XCCDF). XCCDF is a standard way of expressing checklist content and defines security checklists."),
     ("io.openshift.tags", "security openscap scan"),
-    ("install", "docker run --rm --privileged -v /:/host/ IMAGE sh /root/install.sh"),
+    ("install", "docker run --rm --privileged -v /:/host/ IMAGE sh /root/install.sh IMAGE"),
     ("run", "docker run -it --rm -v /:/host/ IMAGE sh /root/run.sh"),
     ("help", "docker run --rm --privileged -v /usr/bin:/usr/bin -v /var/run:/var/run -v /lib:/lib -v /lib64:/lib64 -v /etc/sysconfig:/etc/sysconfig IMAGE sh /root/help.sh IMAGE")
 ]
diff --git a/openscap_daemon/oscap_helpers.py b/openscap_daemon/oscap_helpers.py
@@ -474,7 +474,7 @@ def _get_result_id(results_path):
     return test_result.attrib["id"]
 
 
-def generate_fix_for_result(config, results_path, fix_type, xccdf_id):
+def generate_fix_for_result(config, results_path, fix_type, xccdf_id=None):
     if not os.path.exists(results_path):
         raise RuntimeError("Can't generate fix for scan result. Expected "
                            "results XML at '%s' but the file doesn't exist."

Original file line number	Diff line number	Diff line change
`@@ -12,7 +12,7 @@`
`12`	`12`	`("io.k8s.display-name", "OpenSCAP"),`
`13`	`13`	`("io.k8s.description", "OpenSCAP is an auditing tool that utilizes the Extensible Configuration Checklist Description Format (XCCDF). XCCDF is a standard way of expressing checklist content and defines security checklists."),`
`14`	`14`	`("io.openshift.tags", "security openscap scan"),`
`15`		`- ("install", "docker run --rm --privileged -v /:/host/ IMAGE sh /root/install.sh"),`
	`15`	`+ ("install", "docker run --rm --privileged -v /:/host/ IMAGE sh /root/install.sh IMAGE"),`
`16`	`16`	`("run", "docker run -it --rm -v /:/host/ IMAGE sh /root/run.sh"),`
`17`	`17`	`("help", "docker run --rm --privileged -v /usr/bin:/usr/bin -v /var/run:/var/run -v /lib:/lib -v /lib64:/lib64 -v /etc/sysconfig:/etc/sysconfig IMAGE sh /root/help.sh IMAGE")`
`18`	`18`	`]`