Managing code changes between STIG updates #278
-
|
I am currently working on converting the SQL Server xccdf to inspec. Based off of what I've seen from VMware's inspec profiles, it appears I'll have to append some code at the end of many of the .rb files. For instance (just sample code, I don't know Ruby yet) command = "(Get-DbaLogin -SqlInstance #{input('sqlInstance')} | Where-Object Id -eq 1).Name"
describe ps_command(command) do
its('stdout.strip') { should_not be 'sa' }But the stig is often updated so I imagine I'd be regenerating my .rb files quarterly. How can I associate code that is not overwritten but the text is updated? I tried the metadata file but that doesn't seem to be what I'm after. |
Beta Was this translation helpful? Give feedback.
Replies: 2 comments
-
|
Hi @potatoqualitee, This is something we have started work on, however due to the prioritization of other projects it hasn't had much progress (see #94). While we do hope to have such feature in the future, it's currently a backlog item and not possible with the current version of the SAF CLI. |
Beta Was this translation helpful? Give feedback.
-
|
Ah, thank you! I will wait 👍🏼 |
Beta Was this translation helpful? Give feedback.
Hi @potatoqualitee,
This is something we have started work on, however due to the prioritization of other projects it hasn't had much progress (see #94).
While we do hope to have such feature in the future, it's currently a backlog item and not possible with the current version of the SAF CLI.