Skip to content

CMP-2454: PCI-DSS v4 Requirement 2#11825

Merged
rhmdnd merged 3 commits into
ComplianceAsCode:masterfrom
yuumasato:pcidss_4_req_2
Apr 23, 2024
Merged

CMP-2454: PCI-DSS v4 Requirement 2#11825
rhmdnd merged 3 commits into
ComplianceAsCode:masterfrom
yuumasato:pcidss_4_req_2

Conversation

@yuumasato
Copy link
Copy Markdown
Member

@yuumasato yuumasato commented Apr 16, 2024

Description:

  • 2.1 is not applicable
  • OCP's purpose is not to define and manage processes for all system's configurations
  • 2.2 is partial
    • OCP can manage and configure its components securely, but not external components.
  • 2.3 is not applicable
    • OCP doesn't manage wireless environments

@yuumasato yuumasato added OpenShift OpenShift product related. pci-dss labels Apr 16, 2024
@yuumasato yuumasato requested review from Vincent056 and rhmdnd April 16, 2024 14:46
@github-actions
Copy link
Copy Markdown

github-actions Bot commented Apr 16, 2024

Start a new ephemeral environment with changes proposed in this pull request:

Fedora Environment
Open in Gitpod

Oracle Linux 8 Environment
Open in Gitpod

@github-actions
Copy link
Copy Markdown

github-actions Bot commented Apr 16, 2024
edited
Loading

🤖 A k8s content image for this PR is available at:
ghcr.io/complianceascode/k8scontent:11825
This image was built from commit: 9c9c71c

Click here to see how to deploy it

If you alread have Compliance Operator deployed:
utils/build_ds_container.py -i ghcr.io/complianceascode/k8scontent:11825

Otherwise deploy the content and operator together by checking out ComplianceAsCode/compliance-operator and:
CONTENT_IMAGE=ghcr.io/complianceascode/k8scontent:11825 make deploy-local

@rhmdnd rhmdnd requested review from BhargaviGudi and xiaojiey April 19, 2024 19:55
rhmdnd
rhmdnd reviewed Apr 19, 2024
View reviewed changes
Comment thread controls/pcidss_4_ocp4.yml Outdated
rhmdnd
rhmdnd reviewed Apr 19, 2024
View reviewed changes
Comment thread controls/pcidss_4_ocp4.yml
rhmdnd
rhmdnd reviewed Apr 19, 2024
View reviewed changes
Comment thread controls/pcidss_4_ocp4.yml Outdated
rhmdnd
rhmdnd reviewed Apr 19, 2024
View reviewed changes
Comment thread controls/pcidss_4_ocp4.yml Outdated
rhmdnd
rhmdnd reviewed Apr 19, 2024
View reviewed changes
Comment thread controls/pcidss_4_ocp4.yml Outdated
rhmdnd
rhmdnd reviewed Apr 19, 2024
View reviewed changes
Comment thread controls/pcidss_4_ocp4.yml Outdated
rhmdnd
rhmdnd reviewed Apr 19, 2024
View reviewed changes
Comment thread controls/pcidss_4_ocp4.yml
rhmdnd
rhmdnd reviewed Apr 19, 2024
View reviewed changes
Copy link
Copy Markdown
Collaborator

@rhmdnd rhmdnd left a comment

Choose a reason for hiding this comment

The reason will be displayed to describe this comment to others. Learn more.

Looks pretty good, just a few comments and suggestions inline.

@yuumasato
CMP-2454: Mark Requirement 2.1 as not applicable
416ddf9 
These controls are documentation and process specific and there isn't a
way to enforce them using the Compliance Operator. Mark them as not
applicable.
@yuumasato
CMP-2454: Implement and justify Requirement 2.2
0b1c4c6 
These controls document and configure usage of system components.
@yuumasato
CMP-2454: Mark Requirement 2.3 as not applicable
9c9c71c 
These controls document and process the management of wireless
environments including their default settings, paswords and encryption
keys.

Wireless environments and appliances are specific to each deployment and
are not managed by OpenShift.
@yuumasato
Copy link
Copy Markdown
Member Author

yuumasato commented Apr 22, 2024

@rhmdnd Thank you for the review.

Suggestions implemented or replied to.

@qlty-cloud-legacy
Copy link
Copy Markdown

qlty-cloud-legacy Bot commented Apr 22, 2024

Code Climate has analyzed commit 9c9c71c and detected 0 issues on this pull request.

The test coverage on the diff in this pull request is 100.0% (50% is the threshold).

This pull request will bring the total coverage in the repository to 59.2% (0.0% change).

View more on Code Climate.

rhmdnd
rhmdnd approved these changes Apr 22, 2024
View reviewed changes
Copy link
Copy Markdown
Collaborator

@rhmdnd rhmdnd left a comment

Choose a reason for hiding this comment

The reason will be displayed to describe this comment to others. Learn more.

/lgtm

@xiaojiey
Copy link
Copy Markdown
Collaborator

xiaojiey commented Apr 23, 2024

/label qe-approved

@xiaojiey
Copy link
Copy Markdown
Collaborator

xiaojiey commented Apr 23, 2024

/lgtm

@rhmdnd rhmdnd merged commit d4f94de into ComplianceAsCode:master Apr 23, 2024
@yuumasato yuumasato deleted the pcidss_4_req_2 branch April 23, 2024 14:47
@yuumasato yuumasato added this to the 0.1.73 milestone Apr 23, 2024
@Mab879 Mab879 added the Update Profile Issues or pull requests related to Profiles updates. label May 16, 2024
Sign up for free to join this conversation on GitHub. Already have an account? Sign in to comment

Reviewers

@rhmdnd rhmdnd rhmdnd approved these changes

@Vincent056 Vincent056 Awaiting requested review from Vincent056

@xiaojiey xiaojiey Awaiting requested review from xiaojiey

@BhargaviGudi BhargaviGudi Awaiting requested review from BhargaviGudi

Assignees

@rhmdnd rhmdnd

Labels

OpenShift OpenShift product related. pci-dss Update Profile Issues or pull requests related to Profiles updates.

Projects

None yet

Milestone

0.1.73

Development

Successfully merging this pull request may close these issues.

4 participants

@yuumasato @xiaojiey @rhmdnd @Mab879