Add documentation of the steps that OVAL content goes through during the build #11336
There are no files selected for viewing
| Original file line number | Diff line number | Diff line change | ||||
|---|---|---|---|---|---|---|
|
|
@@ -86,6 +86,13 @@ of occurrence: | |||||
| - Generate content for derived products (such as CentOS and Scientific Linux). | ||||||
| - Generate HTML tables, Bash scripts, Ansible Playbooks and other secondary artifacts. | ||||||
|
|
||||||
| ## How OVAL is build | ||||||
|
There was a problem hiding this comment.
Suggested change
|
||||||
|
|
||||||
| Creating OVAL checks is done in two steps. First, all available OVAL checks are combined into a one unlinked OVAL document. The OVAL shorthands are loaded into the OVAL Document object and, in the case of template shorthand, extended using jinja macros before loading. If the shorthand is already loaded into the OVAL Document object, it is skipped. Shorthands are loaded in the order that benchmark checks are loaded first, followed by shared directory checks. | ||||||
|
There was a problem hiding this comment. Per the style guide please have one sentence per line. There was a problem hiding this comment. This is against the style guide. There should be one sentence per line. There was a problem hiding this comment. I want information about which scripts perform each of these actions. |
||||||
|
|
||||||
| The second step is to link the generated document from the previous step with the XCCDF document. | ||||||
| The unlinked OVAL document is loaded into the OVAL Document object while the XML file is being loaded into the object instance. Validation of the OVAL document is performed during and after loading (for example, whether all the checks listed in the XCCDF are present in the OVAL document). After validation of the OVAL document, the IDs are converted to valid OVAL IDs. The OVAL document is then saved as an XML file. During saving, a minimal OVAL document is generated for each rule as an artifact. The last step is to link the file to the XCCDF document. | ||||||
|
There was a problem hiding this comment. Which XML file is being loaded into the object instance? There was a problem hiding this comment. Can you elaborate more on the validation step? There was a problem hiding this comment. Where is the "minimal OVAL document" stored? There was a problem hiding this comment. What does it take "to link the file to the XCCDF"? What is difference between linked and unlinked document? There was a problem hiding this comment. Which script performs this step? |
||||||
|
|
||||||
| ### Python Build Scripts | ||||||
|
|
||||||
| Various Python utilities under `/build-scripts` contribute to this process; | ||||||
|
|
||||||
There was a problem hiding this comment.
Choose a reason for hiding this comment
The reason will be displayed to describe this comment to others. Learn more.
Title case per the style guide and consider change the tense for clarity.