abide_dev_utils 0.18.6 → 0.18.8

This diff represents the content of publicly available package versions that have been released to one of the supported registries. The information contained in this diff is provided for informational purposes only and reflects changes between package versions as they appear in their respective public registries.
checksums.yaml CHANGED
@@ -1,7 +1,7 @@
1
1
  ---
2
2
  SHA256:
3
- metadata.gz: 6b8b0cc560c6c4d0c1ce9648d10771fe9001708a9b4555884795f3cc7477b53e
4
- data.tar.gz: a94aaf5a979f3b9c7175f4836071991af2c3b4450c50dd5a74ea06038372dd3b
3
+ metadata.gz: 2cb0e7cb6db8088427a363ca729869313ff57f0ebcdec8540682701fa2931215
4
+ data.tar.gz: c0e17b9d42924997146bf6b222ca39cab6ce6799b4d0bee4d0bd94186b0da307
5
5
  SHA512:
6
- metadata.gz: a8638fe3b8be214509f569907592c4ef95e071b1720c6fb31bc15a0cf6490dbbc71c7b43089c8ff0bf42e961bbfa98d9ae6cfccdee40816b5c96f67b699bfdb7
7
- data.tar.gz: 5b0b7bfa433656a7ee7f95f5443928e2dd8397c3f04fd2a13cd57d3c87ea65be723edf0a850ab3f66e3b73a9d659a939bf9870532fadd4c3e77fe112b629d9ca
6
+ metadata.gz: 7a7eea4740d5d5a5c7429d8b6b474fe144f6e768117e9f00eed7d87ad76f9a8cfd8cde76ab9ca5e97ac224f99131872db21922036a1321d14d4eee2dab99665e
7
+ data.tar.gz: d1ffabdb664b9d431d2e0ed65c5d32442829359f8bcb2c866b6c3f89a8e44a224631bc40b85f90ff6ce31646fa22b68254f606f6d7e5394a43520a062ec328cc
data/.gitignore CHANGED
@@ -9,5 +9,6 @@
9
9
  /tmp/
10
10
  w10_20h2.xml
11
11
  w10_2004.xml
12
+ .env
12
13
  # rspec failure tracking
13
- .rspec_status
14
+ .rspec_status
data/Gemfile.lock CHANGED
@@ -1,7 +1,7 @@
1
1
  PATH
2
2
  remote: .
3
3
  specs:
4
- abide_dev_utils (0.18.6)
4
+ abide_dev_utils (0.18.8)
5
5
  cmdparse (~> 3.0)
6
6
  facterdb (~> 4.1.0)
7
7
  google-cloud-storage (~> 1.34)
@@ -383,4 +383,4 @@ DEPENDENCIES
383
383
  rubocop-rspec (~> 2.1)
384
384
 
385
385
  BUNDLED WITH
386
- 2.5.22
386
+ 2.4.19
@@ -0,0 +1,516 @@
1
+ {
2
+ "aio_agent_version": "8.12.1",
3
+ "augeas": {
4
+ "version": "1.14.1"
5
+ },
6
+ "disks": {
7
+ "sda": {
8
+ "model": "VBOX HARDDISK",
9
+ "serial": "VB9a95c0bd-62acdbd7",
10
+ "size": "37.00 GiB",
11
+ "size_bytes": 39728447488,
12
+ "type": "hdd",
13
+ "vendor": "ATA"
14
+ }
15
+ },
16
+ "dmi": {
17
+ "bios": {
18
+ "release_date": "12/01/2006",
19
+ "vendor": "innotek GmbH",
20
+ "version": "VirtualBox"
21
+ },
22
+ "board": {
23
+ "manufacturer": "Oracle Corporation",
24
+ "product": "VirtualBox",
25
+ "serial_number": "0"
26
+ },
27
+ "chassis": {
28
+ "type": "Other"
29
+ },
30
+ "manufacturer": "innotek GmbH",
31
+ "product": {
32
+ "name": "VirtualBox",
33
+ "serial_number": "0",
34
+ "uuid": "3e6a95c2-c3da-4a4d-9c54-1fd89c81760a",
35
+ "version": "1.2"
36
+ }
37
+ },
38
+ "facterversion": "4.11.0",
39
+ "filesystems": "vfat,xfs",
40
+ "fips_enabled": false,
41
+ "hypervisors": {
42
+ "virtualbox": {
43
+ "revision": "167084",
44
+ "version": "7.1.6"
45
+ }
46
+ },
47
+ "identity": {
48
+ "gid": 0,
49
+ "group": "root",
50
+ "privileged": true,
51
+ "uid": 0,
52
+ "user": "root"
53
+ },
54
+ "is_virtual": true,
55
+ "kernel": "Linux",
56
+ "kernelmajversion": "6.12",
57
+ "kernelrelease": "6.12.0-55.24.1.el10_0.x86_64",
58
+ "kernelversion": "6.12.0",
59
+ "load_averages": {
60
+ "15m": 0.09,
61
+ "1m": 0.87,
62
+ "5m": 0.25
63
+ },
64
+ "memory": {
65
+ "system": {
66
+ "available": "1.46 GiB",
67
+ "available_bytes": 1567944704,
68
+ "capacity": "23.69%",
69
+ "total": "1.91 GiB",
70
+ "total_bytes": 2054746112,
71
+ "used": "464.25 MiB",
72
+ "used_bytes": 486801408
73
+ }
74
+ },
75
+ "mountpoints": {
76
+ "/": {
77
+ "available": "29.31 GiB",
78
+ "available_bytes": 31466983424,
79
+ "capacity": "8.23%",
80
+ "device": "/dev/mapper/vg_main-lv_root",
81
+ "filesystem": "xfs",
82
+ "options": [
83
+ "rw",
84
+ "seclabel",
85
+ "relatime",
86
+ "attr2",
87
+ "inode64",
88
+ "logbufs=8",
89
+ "logbsize=32k",
90
+ "noquota"
91
+ ],
92
+ "size": "31.93 GiB",
93
+ "size_bytes": 34288435200,
94
+ "used": "2.63 GiB",
95
+ "used_bytes": 2821451776
96
+ },
97
+ "/boot": {
98
+ "available": "846.03 MiB",
99
+ "available_bytes": 887123968,
100
+ "capacity": "11.87%",
101
+ "device": "/dev/sda2",
102
+ "filesystem": "xfs",
103
+ "options": [
104
+ "rw",
105
+ "seclabel",
106
+ "relatime",
107
+ "attr2",
108
+ "inode64",
109
+ "logbufs=8",
110
+ "logbsize=32k",
111
+ "noquota"
112
+ ],
113
+ "size": "960.00 MiB",
114
+ "size_bytes": 1006632960,
115
+ "used": "113.97 MiB",
116
+ "used_bytes": 119508992
117
+ },
118
+ "/boot/efi": {
119
+ "available": "191.39 MiB",
120
+ "available_bytes": 200683520,
121
+ "capacity": "4.20%",
122
+ "device": "/dev/sda1",
123
+ "filesystem": "vfat",
124
+ "options": [
125
+ "rw",
126
+ "relatime",
127
+ "fmask=0077",
128
+ "dmask=0077",
129
+ "codepage=437",
130
+ "iocharset=ascii",
131
+ "shortname=winnt",
132
+ "errors=remount-ro"
133
+ ],
134
+ "size": "199.79 MiB",
135
+ "size_bytes": 209489920,
136
+ "used": "8.40 MiB",
137
+ "used_bytes": 8806400
138
+ },
139
+ "/dev": {
140
+ "available": "4.00 MiB",
141
+ "available_bytes": 4194304,
142
+ "capacity": "0%",
143
+ "device": "devtmpfs",
144
+ "filesystem": "devtmpfs",
145
+ "options": [
146
+ "rw",
147
+ "seclabel",
148
+ "nosuid",
149
+ "size=4096k",
150
+ "nr_inodes=243989",
151
+ "mode=755",
152
+ "inode64"
153
+ ],
154
+ "size": "4.00 MiB",
155
+ "size_bytes": 4194304,
156
+ "used": "0 bytes",
157
+ "used_bytes": 0
158
+ },
159
+ "/dev/hugepages": {
160
+ "available": "0 bytes",
161
+ "available_bytes": 0,
162
+ "capacity": "100%",
163
+ "device": "hugetlbfs",
164
+ "filesystem": "hugetlbfs",
165
+ "options": [
166
+ "rw",
167
+ "seclabel",
168
+ "relatime",
169
+ "pagesize=2M"
170
+ ],
171
+ "size": "0 bytes",
172
+ "size_bytes": 0,
173
+ "used": "0 bytes",
174
+ "used_bytes": 0
175
+ },
176
+ "/dev/mqueue": {
177
+ "available": "0 bytes",
178
+ "available_bytes": 0,
179
+ "capacity": "100%",
180
+ "device": "mqueue",
181
+ "filesystem": "mqueue",
182
+ "options": [
183
+ "rw",
184
+ "seclabel",
185
+ "nosuid",
186
+ "nodev",
187
+ "noexec",
188
+ "relatime"
189
+ ],
190
+ "size": "0 bytes",
191
+ "size_bytes": 0,
192
+ "used": "0 bytes",
193
+ "used_bytes": 0
194
+ },
195
+ "/dev/pts": {
196
+ "available": "0 bytes",
197
+ "available_bytes": 0,
198
+ "capacity": "100%",
199
+ "device": "devpts",
200
+ "filesystem": "devpts",
201
+ "options": [
202
+ "rw",
203
+ "seclabel",
204
+ "nosuid",
205
+ "noexec",
206
+ "relatime",
207
+ "gid=5",
208
+ "mode=620",
209
+ "ptmxmode=000"
210
+ ],
211
+ "size": "0 bytes",
212
+ "size_bytes": 0,
213
+ "used": "0 bytes",
214
+ "used_bytes": 0
215
+ },
216
+ "/dev/shm": {
217
+ "available": "979.78 MiB",
218
+ "available_bytes": 1027371008,
219
+ "capacity": "0%",
220
+ "device": "tmpfs",
221
+ "filesystem": "tmpfs",
222
+ "options": [
223
+ "rw",
224
+ "seclabel",
225
+ "nosuid",
226
+ "nodev",
227
+ "inode64"
228
+ ],
229
+ "size": "979.78 MiB",
230
+ "size_bytes": 1027371008,
231
+ "used": "0 bytes",
232
+ "used_bytes": 0
233
+ },
234
+ "/run": {
235
+ "available": "381.67 MiB",
236
+ "available_bytes": 400211968,
237
+ "capacity": "2.61%",
238
+ "device": "tmpfs",
239
+ "filesystem": "tmpfs",
240
+ "options": [
241
+ "rw",
242
+ "seclabel",
243
+ "nosuid",
244
+ "nodev",
245
+ "size=401320k",
246
+ "nr_inodes=819200",
247
+ "mode=755",
248
+ "inode64"
249
+ ],
250
+ "size": "391.91 MiB",
251
+ "size_bytes": 410951680,
252
+ "used": "10.24 MiB",
253
+ "used_bytes": 10739712
254
+ },
255
+ "/run/user/1000": {
256
+ "available": "195.95 MiB",
257
+ "available_bytes": 205471744,
258
+ "capacity": "0%",
259
+ "device": "tmpfs",
260
+ "filesystem": "tmpfs",
261
+ "options": [
262
+ "rw",
263
+ "seclabel",
264
+ "nosuid",
265
+ "nodev",
266
+ "relatime",
267
+ "size=200656k",
268
+ "nr_inodes=50164",
269
+ "mode=700",
270
+ "uid=1000",
271
+ "gid=1000",
272
+ "inode64"
273
+ ],
274
+ "size": "195.95 MiB",
275
+ "size_bytes": 205471744,
276
+ "used": "0 bytes",
277
+ "used_bytes": 0
278
+ },
279
+ "/vagrant": {
280
+ "available": "433.55 GiB",
281
+ "available_bytes": 465518792704,
282
+ "capacity": "52.66%",
283
+ "device": "vagrant",
284
+ "filesystem": "vboxsf",
285
+ "options": [
286
+ "rw",
287
+ "nodev",
288
+ "relatime",
289
+ "iocharset=utf8",
290
+ "uid=1000",
291
+ "gid=1000"
292
+ ],
293
+ "size": "915.81 GiB",
294
+ "size_bytes": 983345152000,
295
+ "used": "482.26 GiB",
296
+ "used_bytes": 517826359296
297
+ }
298
+ },
299
+ "networking": {
300
+ "domain": "example.com",
301
+ "fqdn": "foo.example.com",
302
+ "hostname": "foo",
303
+ "interfaces": {
304
+ "eth0": {
305
+ "bindings": [
306
+ {
307
+ "address": "10.0.2.15",
308
+ "netmask": "255.255.255.0",
309
+ "network": "10.0.2.0"
310
+ }
311
+ ],
312
+ "bindings6": [
313
+ {
314
+ "address": "fd00::a00:27ff:fe5b:5722",
315
+ "netmask": "ffff:ffff:ffff:ffff::",
316
+ "network": "fd00::",
317
+ "scope6": "global",
318
+ "flags": [
319
+
320
+ ]
321
+ },
322
+ {
323
+ "address": "fe80::a00:27ff:fe5b:5722",
324
+ "netmask": "ffff:ffff:ffff:ffff::",
325
+ "network": "fe80::",
326
+ "scope6": "link",
327
+ "flags": [
328
+ "permanent"
329
+ ]
330
+ }
331
+ ],
332
+ "duplex": "unknown",
333
+ "ip": "10.0.2.15",
334
+ "ip6": "fd00::a00:27ff:fe5b:5722",
335
+ "mac": "08:00:27:5b:57:22",
336
+ "mtu": 1500,
337
+ "netmask": "255.255.255.0",
338
+ "netmask6": "ffff:ffff:ffff:ffff::",
339
+ "network": "10.0.2.0",
340
+ "network6": "fd00::",
341
+ "operational_state": "up",
342
+ "physical": true,
343
+ "scope6": "global",
344
+ "speed": -1
345
+ },
346
+ "lo": {
347
+ "bindings": [
348
+ {
349
+ "address": "127.0.0.1",
350
+ "netmask": "255.0.0.0",
351
+ "network": "127.0.0.0"
352
+ }
353
+ ],
354
+ "bindings6": [
355
+ {
356
+ "address": "::1",
357
+ "netmask": "ffff:ffff:ffff:ffff:ffff:ffff:ffff:ffff",
358
+ "network": "::1",
359
+ "scope6": "host",
360
+ "flags": [
361
+ "permanent"
362
+ ]
363
+ }
364
+ ],
365
+ "ip": "127.0.0.1",
366
+ "ip6": "::1",
367
+ "mtu": 65536,
368
+ "netmask": "255.0.0.0",
369
+ "netmask6": "ffff:ffff:ffff:ffff:ffff:ffff:ffff:ffff",
370
+ "network": "127.0.0.0",
371
+ "network6": "::1",
372
+ "operational_state": "unknown",
373
+ "physical": false,
374
+ "scope6": "host"
375
+ }
376
+ },
377
+ "ip": "10.0.2.15",
378
+ "ip6": "fd00::a00:27ff:fe5b:5722",
379
+ "mac": "08:00:27:5b:57:22",
380
+ "mtu": 1500,
381
+ "netmask": "255.255.255.0",
382
+ "netmask6": "ffff:ffff:ffff:ffff::",
383
+ "network": "10.0.2.0",
384
+ "network6": "fd00::",
385
+ "primary": "eth0",
386
+ "scope6": "global"
387
+ },
388
+ "os": {
389
+ "architecture": "x86_64",
390
+ "distro": {
391
+ "codename": "Coughlan",
392
+ "description": "Oracle Linux Server 10.0",
393
+ "id": "Ol",
394
+ "release": {
395
+ "full": "10.0",
396
+ "major": "10",
397
+ "minor": "0"
398
+ }
399
+ },
400
+ "family": "RedHat",
401
+ "hardware": "x86_64",
402
+ "name": "OracleLinux",
403
+ "release": {
404
+ "full": "10.0",
405
+ "major": "10",
406
+ "minor": "0"
407
+ },
408
+ "selinux": {
409
+ "config_mode": "enforcing",
410
+ "config_policy": "targeted",
411
+ "current_mode": "enforcing",
412
+ "enabled": true,
413
+ "enforced": true,
414
+ "policy_version": "33"
415
+ }
416
+ },
417
+ "partitions": {
418
+ "/dev/sda1": {
419
+ "filesystem": "vfat",
420
+ "label": "EFI",
421
+ "mount": "/boot/efi",
422
+ "partlabel": "EFI System Partition",
423
+ "parttype": "c12a7328-f81f-11d2-ba4b-00a0c93ec93b",
424
+ "partuuid": "9be28db9-8c4f-4834-b761-0e7228c0797d",
425
+ "size": "200.00 MiB",
426
+ "size_bytes": 209715200,
427
+ "uuid": "2748-9ED0"
428
+ },
429
+ "/dev/sda2": {
430
+ "filesystem": "xfs",
431
+ "label": "boot",
432
+ "mount": "/boot",
433
+ "partlabel": "boot",
434
+ "parttype": "0fc63daf-8483-4772-8e79-3d69d8477de4",
435
+ "partuuid": "02cc627a-03d6-4883-a7a7-fad2e5cbf070",
436
+ "size": "1.00 GiB",
437
+ "size_bytes": 1073741824,
438
+ "uuid": "924af72d-980c-4e99-8745-6cf81e074b40"
439
+ },
440
+ "/dev/sda3": {
441
+ "filesystem": "LVM2_member",
442
+ "partlabel": "pv_vol",
443
+ "parttype": "e6d6d379-f507-44c2-a23c-238f2a3df928",
444
+ "partuuid": "7f949a84-9c33-453b-89d8-8f9438e01cde",
445
+ "size": "36.00 GiB",
446
+ "size_bytes": 38651559936,
447
+ "uuid": "f7PMoa-ewjJ-G3b4-Js0S-hvMw-AIrp-qbX9zg"
448
+ },
449
+ "/dev/mapper/vg_main-lv_root": {
450
+ "filesystem": "xfs",
451
+ "mount": "/",
452
+ "size": "32.00 GiB",
453
+ "size_bytes": 34355544064,
454
+ "uuid": "aa59a49a-2c06-4537-8b43-7f0dbed70f2c"
455
+ }
456
+ },
457
+ "path": "/opt/puppetlabs/bin:/root/.local/bin:/root/bin:/usr/local/sbin:/sbin:/bin:/usr/sbin:/usr/bin",
458
+ "processors": {
459
+ "cores": 2,
460
+ "count": 2,
461
+ "extensions": [
462
+ "x86_64",
463
+ "x86_64-v1",
464
+ "x86_64-v2",
465
+ "x86_64-v3"
466
+ ],
467
+ "isa": "x86_64",
468
+ "models": [
469
+ "12th Gen Intel(R) Core(TM) i9-12900K",
470
+ "12th Gen Intel(R) Core(TM) i9-12900K"
471
+ ],
472
+ "physicalcount": 1,
473
+ "speed": "3.19 GHz",
474
+ "threads": 1
475
+ },
476
+ "puppetversion": "8.12.1",
477
+ "ruby": {
478
+ "platform": "x86_64-linux",
479
+ "sitedir": "/opt/puppetlabs/puppet/lib/ruby/site_ruby/3.2.0",
480
+ "version": "3.2.7"
481
+ },
482
+ "ssh": {
483
+ "ecdsa": {
484
+ "fingerprints": {
485
+ "sha1": "SSHFP 3 1 fe6b06fbe99df0c5492ef8a161ea4efd3c564c3e",
486
+ "sha256": "SSHFP 3 2 8262b08e300039f58efa379bfef889f6c0a5b41ec7b1467ad5a4b02047eed8d9"
487
+ },
488
+ "key": "AAAAE2VjZHNhLXNoYTItbmlzdHAyNTYAAAAIbmlzdHAyNTYAAABBBHB2UFx6aOpe5BNsXpvPxX6eFWDTMyFiwt9Tl7fb54T9ySuaWZuJjdX3Ns3Gtl8/F9onyLM7WUdXhIm4t6CC/vg=",
489
+ "type": "ecdsa-sha2-nistp256"
490
+ },
491
+ "ed25519": {
492
+ "fingerprints": {
493
+ "sha1": "SSHFP 4 1 7bab3b1d773863e32b2d1821881aef1f0e5df741",
494
+ "sha256": "SSHFP 4 2 e55a5186473dc680340281d4d5f10ba528807c66a95476fb77f0cc8728696dca"
495
+ },
496
+ "key": "AAAAC3NzaC1lZDI1NTE5AAAAIBBVQcOaMH2ZouwzUiVeuFZK1NY7niOa2Ez1UzJtJHB+",
497
+ "type": "ssh-ed25519"
498
+ },
499
+ "rsa": {
500
+ "fingerprints": {
501
+ "sha1": "SSHFP 1 1 a77c50ec565850aa51cc4de7bd070eff7dad2366",
502
+ "sha256": "SSHFP 1 2 8dbbe1d5b715a986fd0c9e2ff0c89058069d6ea64aa7053c90e1444cafe27603"
503
+ },
504
+ "key": "AAAAB3NzaC1yc2EAAAADAQABAAABgQCT9DGrr7nJWzRkHn4JKenmKHslNC9QtCKrp4zvjt/sLqe10hA+zPnKZ3KfX7YUvO/yZkKaHLgjM18IGxGbUlRB9x1E1gsQeNZXXj2vkkR21n3w3R6WC7lS+7x3FMHIUvQhe6HfBxYFLDLWQZLV1g6lNbGTmrWC/06QNAZQ7xgi1PklBYF+zdLD+2p7g+7KO6sxgTk6AixeRqj8ZMipJLa+c8m9T4p4Ppi7PB6dBkClu4WfvNykZlhuLIOXxAR0SYM72AxtYYIT58KpQMNiJub1ZHzfv0s5WtjsWQK8D4LQRDgOW77SNU+QhWjfsN8waCTz/IlosGQF29AbGSTsHJ8ck9yhiv7piW4aUSx+xBWvL2NY9YJJhHJNWDE6B5UjcU6l8j5nbXORpODLgckrDqwoyGsPCavZp6/uPFY4XaP42nlTYHKMklcL9o1bcuIRszzLEjuhtqqzdV0yErIdBZwoMHyTaf2rRtdAxR7j/4Hxtaq6afHAxp8U432HjVxxUzM=",
505
+ "type": "ssh-rsa"
506
+ }
507
+ },
508
+ "system_uptime": {
509
+ "days": 0,
510
+ "hours": 0,
511
+ "seconds": 93,
512
+ "uptime": "0:01 hours"
513
+ },
514
+ "timezone": "UTC",
515
+ "virtual": "virtualbox"
516
+ }
@@ -222,7 +222,7 @@ module AbideDevUtils
222
222
  def filtered_profiles_levels(prof: nil, lvl: nil)
223
223
  return profiles_levels if (prof.nil? || prof.empty?) && (lvl.nil? || lvl.empty?)
224
224
  if prof && lvl && !prof.empty? && !lvl.empty?
225
- return profiles_levels_by_profile(prof).concat(profiles_levels_by_level(lvl))
225
+ return profiles_levels_by_profile(prof) & profiles_levels_by_level(lvl)
226
226
  end
227
227
  return profiles_levels_by_profile(prof) unless prof&.empty?
228
228
 
@@ -78,6 +78,7 @@ module AbideDevUtils
78
78
  end
79
79
 
80
80
  def generate(doc_title = 'Reference')
81
+ default_profile_for_sce_linux!
81
82
  @strings = Strings.new(opts: @opts)
82
83
  md.add_title(doc_title)
83
84
  benchmarks.each do |benchmark|
@@ -121,6 +122,13 @@ module AbideDevUtils
121
122
  private
122
123
 
123
124
  attr_reader :benchmarks, :md
125
+
126
+ def default_profile_for_sce_linux!
127
+ return unless @module_name.split('-').last == 'sce_linux'
128
+ return unless @opts[:select_profile].nil? || @opts[:select_profile].empty?
129
+
130
+ @opts[:select_profile] = ['server']
131
+ end
124
132
  end
125
133
 
126
134
  class ConfigExampleError < StandardError; end
@@ -1,5 +1,5 @@
1
1
  # frozen_string_literal: true
2
2
 
3
3
  module AbideDevUtils
4
- VERSION = "0.18.6"
4
+ VERSION = "0.18.8"
5
5
  end
@@ -0,0 +1,111 @@
1
+ ## Background
2
+
3
+ The `REFERENCE.md` generated for `sce_linux` on the Forge lists `workstation` profile entries for
4
+ many controls. SCE documentation explicitly states that only the `server` profile is supported;
5
+ `workstation` is neither tested nor supported.
6
+
7
+ Two bugs in `abide_dev_utils` cause this:
8
+
9
+ **Bug 1 — `filtered_profiles_levels` uses OR logic instead of AND (`benchmark.rb:225`).**
10
+ When both `--select-profile` (`-p`) and `--select-level` (`-l`) are passed, the method returns
11
+ the *union* of profile-filtered and level-filtered entries:
12
+
13
+ ```ruby
14
+ return profiles_levels_by_profile(prof).concat(profiles_levels_by_level(lvl))
15
+ ```
16
+
17
+ `profiles_levels_by_level` returns every profile at the requested levels — including
18
+ `workstation` — regardless of what was passed via `-p`. So even when running:
19
+
20
+ ```
21
+ bundle exec abide sce generate reference -p server,classified,public,sensitive -l level_1,level_2,...
22
+ ```
23
+
24
+ `workstation` entries at `level_1` and `level_2` are included because they are matched by the
25
+ level filter and then concatenated in.
26
+
27
+ **Bug 2 — No default profile filter for `sce_linux` when `-p` is omitted (`reference.rb`).**
28
+ When `abide sce generate reference` is run without `-p`, `@opts[:select_profile]` is `nil`.
29
+ `Control#filtered_profiles_levels` treats `nil` as "no filter", returning all profiles including
30
+ `workstation`.
31
+
32
+ ## Change
33
+
34
+ **File:** `lib/abide_dev_utils/sce/benchmark.rb` (modified)
35
+
36
+ Change `concat` to array intersection (`&`) in `Control#filtered_profiles_levels` so that when
37
+ both `prof` and `lvl` are given, only entries matching *both* filters are returned:
38
+
39
+ ```ruby
40
+ # before
41
+ return profiles_levels_by_profile(prof).concat(profiles_levels_by_level(lvl))
42
+
43
+ # after
44
+ return profiles_levels_by_profile(prof) & profiles_levels_by_level(lvl)
45
+ ```
46
+
47
+ **File:** `lib/abide_dev_utils/sce/generate/reference.rb` (modified)
48
+
49
+ In `MarkdownGenerator#generate`, default `@opts[:select_profile]` to `['server']` for `sce_linux`
50
+ when no profile was explicitly provided. This covers invocations that omit `-p` entirely:
51
+
52
+ ```ruby
53
+ def generate(doc_title = 'Reference')
54
+ if @module_name.split('-').last == 'sce_linux' &&
55
+ (@opts[:select_profile].nil? || @opts[:select_profile].empty?)
56
+ @opts[:select_profile] = ['server']
57
+ end
58
+ @strings = Strings.new(opts: @opts)
59
+ ...
60
+ ```
61
+
62
+ **File:** `spec/abide_dev_utils/sce/benchmark_spec.rb` (modified)
63
+
64
+ Add a test that verifies `filtered_profiles_levels` with both `prof` and `lvl` excludes profiles
65
+ not in the filter (i.e., does not include `workstation` when only `server` is requested).
66
+
67
+ **File:** `spec/abide_dev_utils/sce/generate/reference/markdown_generator_spec.rb` (new)
68
+
69
+ Unit tests for the `MarkdownGenerator` opts-defaulting behavior:
70
+
71
+ ```ruby
72
+ RSpec.describe(AbideDevUtils::Sce::Generate::Reference::MarkdownGenerator) do
73
+ context 'with puppetlabs-sce_linux and no select_profile' do
74
+ it 'defaults select_profile to server' do ...
75
+ end
76
+ context 'with puppetlabs-sce_linux and explicit select_profile' do
77
+ it 'does not override select_profile' do ...
78
+ end
79
+ context 'with a non-sce_linux module and no select_profile' do
80
+ it 'does not set a default select_profile' do ...
81
+ end
82
+ end
83
+ ```
84
+
85
+ **File:** `lib/abide_dev_utils/version.rb` (modified)
86
+
87
+ Bump version from `0.18.7` to `0.18.8`.
88
+
89
+ ## Functional behavior
90
+
91
+ After these changes:
92
+
93
+ - Running with both `-p server,...` and `-l level_1,...` returns only controls that match both
94
+ filters — `workstation` entries at the requested levels are no longer included.
95
+ - Running without `-p` against `sce_linux` defaults the profile filter to `['server']`, so
96
+ `workstation` entries are excluded in that case too.
97
+ - Passing `-p server,workstation` explicitly still includes `workstation` (escape hatch preserved).
98
+
99
+ ## Non-goals
100
+
101
+ - Removing `workstation` profile data from the `sce_linux` mapping YAML files.
102
+ - Applying the `sce_linux` default profile to `sce_windows` (separate ticket if needed).
103
+
104
+ ## Acceptance criteria
105
+
106
+ - [ ] Running `bundle exec abide sce generate reference -p server,classified,public,sensitive -l level_1,level_2,mac-1,mac-2,mac-3` against `sce_linux` produces a REFERENCE.md with no `workstation` entries.
107
+ - [ ] Running `bundle exec abide sce generate reference` against `sce_linux` without `-p` produces a REFERENCE.md with no `workstation` entries.
108
+ - [ ] Running with `-p server,workstation` still includes `workstation` entries (escape hatch not broken).
109
+ - [ ] `bundle exec rspec spec/abide_dev_utils/sce/benchmark_spec.rb` passes including the new `filtered_profiles_levels` intersection test.
110
+ - [ ] `bundle exec rspec spec/abide_dev_utils/sce/generate/reference/markdown_generator_spec.rb` passes with all three unit tests.
111
+ - [ ] `lib/abide_dev_utils/version.rb` reads `VERSION = "0.18.8"`.
@@ -0,0 +1,65 @@
1
+ ## Background
2
+
3
+ The `reference_gen_test` CI job in `puppetlabs-sce_linux` fails when OracleLinux 10 is listed in
4
+ `metadata.json` because `abide_dev_utils` cannot find facts for that OS. `abide sce generate
5
+ reference` calls `AbideDevUtils::Ppt::FacterUtils::FactSets#find_by_fact_value_tuples` to load OS
6
+ facts for each supported OS/version. For OracleLinux 10 it returns `nil`, causing:
7
+
8
+ ```
9
+ AbideDevUtils::Errors::BenchmarkLoadError: Error loading benchmark: undefined method `[]' for nil:NilClass, Framework: cis, OS Name: OracleLinux, OS Version: 10
10
+ ```
11
+
12
+ `abide_dev_utils` resolves facts from two sources: `FacterDB.default_fact_files` (the `facterdb`
13
+ gem) and `FacterDB.external_fact_files` pointed at the gem's own `files/fact_sets/` directory.
14
+ Neither source includes an `oraclelinux-10-x86_64.facts` file. AlmaLinux 10 and Rocky 10 are
15
+ already present in `facterdb` 4.1.0; only OracleLinux 10 is missing.
16
+
17
+ ## Change
18
+
19
+ **File:** `files/fact_sets/oraclelinux-10-x86_64.facts` (new)
20
+
21
+ Clone `oraclelinux-9-x86_64.facts` from the `facterdb` 4.11 family and update the following
22
+ OS-identity and kernel fields to reflect Oracle Linux 10.0:
23
+
24
+ | Field | OL 9 value | OL 10 value |
25
+ |---|---|---|
26
+ | `kernelmajversion` | `"5.15"` | `"6.12"` |
27
+ | `kernelrelease` | `"5.15.0-306.177.4.el9uek.x86_64"` | `"6.12.0-55.24.1.el10_0.x86_64"` |
28
+ | `kernelversion` | `"5.15.0"` | `"6.12.0"` |
29
+ | `filesystems` | `"btrfs,xfs,zonefs"` | `"vfat,xfs"` |
30
+ | `os.distro.codename` | `"Plow"` | `"Coughlan"` |
31
+ | `os.distro.description` | `"Oracle Linux Server 9.5"` | `"Oracle Linux Server 10.0"` |
32
+ | `os.distro.release.full` | `"9.5"` | `"10.0"` |
33
+ | `os.distro.release.major` | `"9"` | `"10"` |
34
+ | `os.distro.release.minor` | `"5"` | `"0"` |
35
+ | `os.release.full` | `"9.5"` | `"10.0"` |
36
+ | `os.release.major` | `"9"` | `"10"` |
37
+ | `os.release.minor` | `"5"` | `"0"` |
38
+
39
+ `os.name` (`"OracleLinux"`), `os.family` (`"RedHat"`), and `os.distro.id` (`"Ol"`) are unchanged.
40
+ The memory swap section is removed and mountpoints are updated to reflect a standard OL10 UEFI
41
+ layout (no swap, `/boot/efi` present), mirroring the AlmaLinux 10 factset structure.
42
+ `facterversion` stays `"4.11.0"`.
43
+
44
+ **File:** `lib/abide_dev_utils/version.rb`
45
+
46
+ Bump version from `0.18.6` to `0.18.7`.
47
+
48
+ ## Functional behavior
49
+
50
+ After this change, `AbideDevUtils::Ppt::FacterUtils::FactSets#find_by_fact_value_tuples` returns a
51
+ facts hash when queried for `os.name = "OracleLinux"` and `os.release.major = "10"`, allowing
52
+ `abide sce generate reference` to complete without error for OracleLinux 10.
53
+
54
+ ## Non-goals
55
+
56
+ - Adding OracleLinux 10 to `facterdb` itself (preferred long-term fix, separate upstream
57
+ contribution).
58
+ - Adding OracleLinux 10 facts for facter versions other than 4.11.
59
+
60
+ ## Acceptance criteria
61
+
62
+ - [ ] `files/fact_sets/oraclelinux-10-x86_64.facts` exists and is valid JSON.
63
+ - [ ] `os.name` is `"OracleLinux"`, `os.release.major` is `"10"`, `os.family` is `"RedHat"`.
64
+ - [ ] `bundle exec ruby -e "require 'abide_dev_utils'; puts AbideDevUtils::Ppt::FacterUtils::FactSets.new.find_by_fact_value_tuples(['os.name','OracleLinux'],['os.release.major','10']).dig('os','name')"` prints `OracleLinux`.
65
+ - [ ] `lib/abide_dev_utils/version.rb` reads `VERSION = "0.18.7"`.
metadata CHANGED
@@ -1,14 +1,14 @@
1
1
  --- !ruby/object:Gem::Specification
2
2
  name: abide_dev_utils
3
3
  version: !ruby/object:Gem::Version
4
- version: 0.18.6
4
+ version: 0.18.8
5
5
  platform: ruby
6
6
  authors:
7
7
  - abide-team
8
8
  autorequire:
9
9
  bindir: exe
10
10
  cert_chain: []
11
- date: 2026-05-05 00:00:00.000000000 Z
11
+ date: 2026-06-11 00:00:00.000000000 Z
12
12
  dependencies:
13
13
  - !ruby/object:Gem::Dependency
14
14
  name: nokogiri
@@ -375,6 +375,7 @@ files:
375
375
  - bin/setup
376
376
  - docs/ARCHITECTURE.md
377
377
  - exe/abide
378
+ - files/fact_sets/oraclelinux-10-x86_64.facts
378
379
  - files/fact_sets/redhat-10-x86_64.facts
379
380
  - files/fact_sets/windows-2025-x86_64.facts
380
381
  - lib/abide_dev_utils.rb
@@ -467,6 +468,8 @@ files:
467
468
  - lib/abide_dev_utils/xccdf/parser/objects/numbered_object.rb
468
469
  - lib/abide_dev_utils/xccdf/utils.rb
469
470
  - new_diff.rb
471
+ - specifications/CEM-6541.md
472
+ - specifications/CEM-6763.md
470
473
  homepage: https://github.com/puppetlabs/abide_dev_utils
471
474
  licenses:
472
475
  - MIT