OCP Update variable filter to consider go_template

Update the variable filter to find if a rule is using go-template, if so find any var being used, add them to var list for that rule
ComplianceAsCode · Apr 26, 2024 · e53e8a1 · e53e8a1
1 parent 59013f6
commit e53e8a1
Showing 1 changed file with 8 additions and 1 deletion.
diff --git a/build-scripts/build_xccdf.py b/build-scripts/build_xccdf.py
@@ -6,7 +6,7 @@
 import os
 import os.path
 from collections import namedtuple
-
+import re
 
 import ssg.build_yaml
 import ssg.utils
@@ -117,6 +117,8 @@ def get_linked_xccdf(loader, xccdftree, args):
 def get_rules_with_variables(xccdftree):
     rules = xccdftree.findall(".//{%s}Rule" % ssg.constants.XCCDF12_NS)
     out_var_ids = {}
+    go_templating_pattern = re.compile(r"{{(.*?)}}")
+    go_templating_pattern_var =  re.compile(r"\.([a-zA-Z0-9_]+)")
     for rule in rules:
         var_ids = set()
         check_export_els = rule.findall(".//{%s}check-export" % ssg.constants.XCCDF12_NS)
@@ -129,9 +131,14 @@ def get_rules_with_variables(xccdftree):
             var_ids.add(
                 sub_el.get("idref").replace("xccdf_org.ssgproject.content_value_", "")
             )
+        for ele in rule.itertext():
+            for match in go_templating_pattern.finditer(ele):
+                for var in go_templating_pattern_var.finditer(match.group(1)):
+                    var_ids.add(var.group(1))
         out_var_ids[
             rule.get("id").replace("xccdf_org.ssgproject.content_rule_", "")
         ] = var_ids
+        print("Rule: ", rule.get("id"), "Variables: ", var_ids)
     return out_var_ids