Add possibility to set cpe to 'oscap xccdf eval' command calls
PROD-25312 (PROD:25312)
Change-Id: I2b8a555b549b99ecf3240433d1ba1febd223e9dc
diff --git a/_modules/oscap/__init__.py b/_modules/oscap/__init__.py
index 4d0be7d..f20d11e 100644
--- a/_modules/oscap/__init__.py
+++ b/_modules/oscap/__init__.py
@@ -26,6 +26,7 @@
profile='default',
xccdf_version='1.2',
tailoring_id=None,
+ cpe=None,
fetch_from_master=False,
benchmark_url=None,
benchmark_basepath='output',
@@ -37,6 +38,7 @@
:param profile: xccdf profile (default 'default')
:param xccdf_version xccdf benchmark version (default 1.2)
:param tailoring_id id of your tailoring data (default None)
+ :param cpe CPE dictionary or language for applicability checks (default None)
:param fetch_from_master: fetch oscap input data from the master (default False)
:param benchmark_basepath: basepath where the benchmark will be searched (default 'output')
:param saltenv: saltenv, used for cached files (default 'base')
@@ -74,6 +76,7 @@
profile=profile,
pillar_data=pillar_data,
tailoring_id=tailoring_id,
+ cpe=cpe,
xccdf_version=xccdf_version)
success = _OSCAP_XCCDF_EXIT_CODES_MAP[rc]
diff --git a/_modules/oscap/commands.py b/_modules/oscap/commands.py
index 69e7fbc..a9b342d 100644
--- a/_modules/oscap/commands.py
+++ b/_modules/oscap/commands.py
@@ -9,7 +9,8 @@
pillar_data=None,
xccdf_version='1.2',
profile='default',
- tailoring_id=None):
+ tailoring_id=None,
+ cpe=None):
tailoring_file = None
profile = normalize_id(profile, xccdf_version=xccdf_version)
@@ -24,12 +25,15 @@
cmd = 'oscap xccdf eval --profile {profile} ' +\
'--results results.xml --report report.html'
+ if cpe:
+ cmd += ' --cpe {cpe}'
if tailoring_file:
cmd += ' --tailoring-file {tailoring_file}'
cmd += ' {benchmark}'
cmd = cmd.format(profile=profile,
tailoring_file=tailoring_file,
- benchmark=benchmark)
+ benchmark=benchmark,
+ cpe=cpe)
if tailoring_file:
with open(tailoring_file, 'w') as f: