Skip to content

Commit

Permalink
Merge pull request #112 from oracle-quickstart/release-2.5.12
Browse files Browse the repository at this point in the history 
Release 2.5.12
  • Loading branch information
@andrecorreaneto
andrecorreaneto authored Jun 29, 2023
2 parents f6ce125 + b5cf011 commit fdff637
Show file tree
Hide file tree
Showing 2 changed files with 15 additions and 9 deletions.
9 changes: 9 additions & 0 deletions release-notes.md
View file
Original file line number Diff line number Diff line change
@@ -1,3 +1,12 @@
# June 29, 2023 Release Notes - 2.5.12
1. [Fixes to the CIS Compliance Script](#2-5-12-script-fixes)

## <a name="2-5-12-script-fixes">Fixes to the CIS Compliance Script</a>
Fixes:
- Fixed a logic issue for Security Lists and Network Security Groups with source ports but no destination ports
- Removed Deeplink from Exception handling when reading object storage buckets
- OBP check for budgets now verifies that there is budget with an alert for the root compartment

# June 20, 2023 Release Notes - 2.5.11
1. [Performance update to the CIS Compliance Script](#2-5-11-script-performance)
1. [Summary Data update to the CIS Compliance Script](#2-5-11-script-updates)
Expand Down
15 changes: 6 additions & 9 deletions scripts/cis_reports.py
View file
Original file line number Diff line number Diff line change
Expand Up @@ -33,9 +33,9 @@
except:
OUTPUT_TO_XLSX = False

RELEASE_VERSION = "2.5.11"
RELEASE_VERSION = "2.5.12"
PYTHON_SDK_VERSION = "2.103.0"
UPDATED_DATE = "June 20, 2023"
UPDATED_DATE = "June 29, 2023"

##########################################################################
# Print header centered
Expand Down Expand Up @@ -1299,7 +1299,6 @@ def __os_read_buckets(self):
search_details=oci.resource_search.models.StructuredSearchDetails(
query="query Bucket resources return allAdditionalFields where compartmentId != '" + self.__managed_paas_compartment_id + "'")
).data

# Getting Bucket Info
for bucket in buckets_data:
try:
Expand Down Expand Up @@ -1328,12 +1327,10 @@ def __os_read_buckets(self):
}
self.__buckets.append(record)
except Exception as e:
deep_link = self.__oci_buckets_uri + bucket.additional_details['namespace'] + \
"/" + bucket.display_name + "/objects?region=" + region_key
record = {
"id": "",
"name": bucket.display_name,
"deep_link": self.__generate_csv_hyperlink(deep_link, bucket.display_name),
"deep_link": "",
"kms_key_id": "",
"namespace": bucket.additional_details['namespace'],
"compartment_id": bucket.compartment_id,
Expand Down Expand Up @@ -3371,7 +3368,7 @@ def __report_cis_analyze_tenancy_data(self):
for sl in self.__network_security_lists:
for irule in sl['ingress_security_rules']:
if irule['source'] == "0.0.0.0/0" and irule['protocol'] == '6':
if irule['tcp_options']:
if irule['tcp_options'] and irule['tcp_options']['destinationPortRange']:
port_min = irule['tcp_options']['destinationPortRange']['min']
port_max = irule['tcp_options']['destinationPortRange']['max']
ports_range = range(port_min, port_max +1)
Expand Down Expand Up @@ -3419,7 +3416,7 @@ def __report_cis_analyze_tenancy_data(self):
for nsg in self.__network_security_groups:
for rule in nsg['rules']:
if rule['source'] == "0.0.0.0/0" and rule['protocol'] == '6':
if rule['tcp_options']:
if rule['tcp_options'] and rule['tcp_options'].destination_port_range:
port_min = rule['tcp_options'].destination_port_range.min
port_max = rule['tcp_options'].destination_port_range.max
ports_range = range(port_min,port_max+1)
Expand Down Expand Up @@ -3693,7 +3690,7 @@ def __obp_analyze_tenancy_data(self):
## Determines if a Budget Exists with an alert rule
if len(self.__budgets) > 0:
for budget in self.__budgets:
if budget['alert_rule_count'] > 0:
if budget['alert_rule_count'] >0 and budget['target_compartment_id'] == self.__tenancy.id:
self.obp_foundations_checks['Cost_Tracking_Budgets']['Status'] = True
self.obp_foundations_checks['Cost_Tracking_Budgets']['OBP'].append(budget)
else:
Expand Down

0 comments on commit fdff637

Please sign in to comment.