Add a warning to AutoMatus

[jan-cerny]

This adds a warning that prevents a confusion in situation when a test scenario has a profile in its header but the rule isn't a part of that profile but is present in the built data stream.

For more context, see:
#10369

Rationale:

This can save a lot of time when investigating errors in Automatus output.

Review Hints:

• use steps to reproduce from Automatus struggles with profile-specific test scenarios #10369
• use your favourite rule that uses a lot of profile headers in their test scenarios, for example selinux_state: python3 tests/automatus.py rule --libvirt qemu:///system ssgts_rhel8 --scenario selinux_enforcing.pass.sh selinux_state
• find some rule ad try adding and removing and changing various profiles headers to some test scenario, eg. no_line.fail.sh in sshd_rekey_limit and watch when the message apears, try both profiles that the rule is part of and profiles that the rule isn't part of: python3 tests/automatus.py rule --libvirt qemu:///system ssgts_rhel8 --scenario no_line.fail.sh sshd_rekey_limit

[github-actions]

Start a new ephemeral environment with changes proposed in this pull request:

Fedora Environment

Oracle Linux 8 Environment

[jan-cerny]

I will not modify the amount of _check_rule_scenario parameters because I didn't change nor introduce its definition.

[jan-cerny]

I have rebased this PR on the top of the latest upstream master branch.

[ggbecker]

This is a good addition although in my opinion we should in future PRs slowly get away from the profiles test scenario metadata in favor of using variables metadata as we can define a XCCDF variable to make the test scenario independent of profile variables as this is something that can change over time for example.

[jan-cerny]

This is a good addition although in my opinion we should in future PRs slowly get away from the profiles test scenario metadata in favor of using variables metadata as we can define a XCCDF variable to make the test scenario independent of profile variables as this is something that can change over time for example.

I fully agree.

Do you want some changes related to this in this PR?

[jan-cerny]

There is a fail in the Testing farm CentOS stream 8 job:

:: [ 16:31:39 ] :: [   FAIL   ] :: Rules not passing after remediation:

xccdf_org.ssgproject.content_rule_accounts_password_pam_pwhistory_remember_password_auth - fail

xccdf_org.ssgproject.content_rule_accounts_password_pam_pwhistory_remember_system_auth - fail 

But, it's in the /Sanity/machine-hardening/stig test which doesn't use AutoMatus at all. I guess it isn't related to the PR?

[jan-cerny]

I have rebased this PR on the top of the latest upstream master branch.

[ggbecker]

This is a good addition although in my opinion we should in future PRs slowly get away from the profiles test scenario metadata in favor of using variables metadata as we can define a XCCDF variable to make the test scenario independent of profile variables as this is something that can change over time for example.

I fully agree.

Do you want some changes related to this in this PR?

Not necessarily, I would prefer a separate PR for that.

[codeclimate]

Code Climate has analyzed commit bbbc85f and detected 0 issues on this pull request.

The test coverage on the diff in this pull request is 100.0% (50% is the threshold).

This pull request will bring the total coverage in the repository to 52.4% (0.0% change).

View more on Code Climate.

[jan-cerny]

Great!

[marcusburghardt]

@ggbecker , are you ok assigning this PR for you and reviewing it?