OCPBUGS-31674: coreos_kernel_options -update entries file path

[yuumasato]

Description:

• Loosen the regex so that it matches 4.15 and 4.16 files.
  • 4.15: /boot/loader/entries/ostree-1-rhcos.conf
  • 4.16: /boot/loader/entries/ostree-1.conf
• This change is backwards compatible.

Rationale:

• In OCP 4.16 the file where kernel boot options are configured changed.

• Fixes OCPBUGS-31674

[yuumasato]

/test help

[openshift-ci]

@yuumasato: The specified target(s) for /test were not found.
The following commands are available to trigger required jobs:

• /test 4.13-e2e-aws-ocp4-bsi
• /test 4.13-e2e-aws-ocp4-bsi-node
• /test 4.13-e2e-aws-ocp4-cis
• /test 4.13-e2e-aws-ocp4-cis-node
• /test 4.13-e2e-aws-ocp4-e8
• /test 4.13-e2e-aws-ocp4-high
• /test 4.13-e2e-aws-ocp4-high-node
• /test 4.13-e2e-aws-ocp4-moderate
• /test 4.13-e2e-aws-ocp4-moderate-node
• /test 4.13-e2e-aws-ocp4-pci-dss
• /test 4.13-e2e-aws-ocp4-pci-dss-node
• /test 4.13-e2e-aws-ocp4-stig
• /test 4.13-e2e-aws-ocp4-stig-node
• /test 4.13-e2e-aws-rhcos4-bsi
• /test 4.13-e2e-aws-rhcos4-e8
• /test 4.13-e2e-aws-rhcos4-high
• /test 4.13-e2e-aws-rhcos4-moderate
• /test 4.13-e2e-aws-rhcos4-stig
• /test 4.13-images
• /test 4.14-e2e-aws-ocp4-bsi
• /test 4.14-e2e-aws-ocp4-bsi-node
• /test 4.14-e2e-aws-rhcos4-bsi
• /test 4.14-images
• /test 4.15-e2e-aws-ocp4-bsi
• /test 4.15-e2e-aws-ocp4-bsi-node
• /test 4.15-e2e-aws-ocp4-cis
• /test 4.15-e2e-aws-ocp4-cis-node
• /test 4.15-e2e-aws-ocp4-e8
• /test 4.15-e2e-aws-ocp4-high
• /test 4.15-e2e-aws-ocp4-high-node
• /test 4.15-e2e-aws-ocp4-moderate
• /test 4.15-e2e-aws-ocp4-moderate-node
• /test 4.15-e2e-aws-ocp4-pci-dss
• /test 4.15-e2e-aws-ocp4-pci-dss-node
• /test 4.15-e2e-aws-ocp4-stig
• /test 4.15-e2e-aws-ocp4-stig-node
• /test 4.15-e2e-aws-rhcos4-bsi
• /test 4.15-e2e-aws-rhcos4-e8
• /test 4.15-e2e-aws-rhcos4-high
• /test 4.15-e2e-aws-rhcos4-moderate
• /test 4.15-e2e-aws-rhcos4-stig
• /test 4.15-e2e-rosa-ocp4-cis-node
• /test 4.15-e2e-rosa-ocp4-pci-dss-node
• /test 4.15-images
• /test 4.16-e2e-aws-ocp4-bsi
• /test 4.16-e2e-aws-ocp4-bsi-node
• /test 4.16-e2e-aws-ocp4-cis
• /test 4.16-e2e-aws-ocp4-cis-node
• /test 4.16-e2e-aws-ocp4-e8
• /test 4.16-e2e-aws-ocp4-high
• /test 4.16-e2e-aws-ocp4-high-node
• /test 4.16-e2e-aws-ocp4-moderate
• /test 4.16-e2e-aws-ocp4-moderate-node
• /test 4.16-e2e-aws-ocp4-pci-dss
• /test 4.16-e2e-aws-ocp4-pci-dss-node
• /test 4.16-e2e-aws-ocp4-stig
• /test 4.16-e2e-aws-ocp4-stig-node
• /test 4.16-e2e-aws-rhcos4-bsi
• /test 4.16-e2e-aws-rhcos4-e8
• /test 4.16-e2e-aws-rhcos4-high
• /test 4.16-e2e-aws-rhcos4-moderate
• /test 4.16-e2e-aws-rhcos4-stig
• /test 4.16-images
• /test e2e-aws-ocp4-bsi
• /test e2e-aws-ocp4-bsi-node
• /test e2e-aws-ocp4-cis
• /test e2e-aws-ocp4-cis-node
• /test e2e-aws-ocp4-e8
• /test e2e-aws-ocp4-high
• /test e2e-aws-ocp4-high-node
• /test e2e-aws-ocp4-moderate
• /test e2e-aws-ocp4-moderate-node
• /test e2e-aws-ocp4-pci-dss
• /test e2e-aws-ocp4-pci-dss-node
• /test e2e-aws-ocp4-stig
• /test e2e-aws-ocp4-stig-node
• /test e2e-aws-rhcos4-bsi
• /test e2e-aws-rhcos4-e8
• /test e2e-aws-rhcos4-high
• /test e2e-aws-rhcos4-moderate
• /test e2e-aws-rhcos4-stig
• /test images

Use /test all to run the following jobs that were automatically triggered:

• pull-ci-ComplianceAsCode-content-master-4.13-images
• pull-ci-ComplianceAsCode-content-master-4.14-images
• pull-ci-ComplianceAsCode-content-master-4.15-images
• pull-ci-ComplianceAsCode-content-master-4.16-images
• pull-ci-ComplianceAsCode-content-master-images

In response to this:

/test help

Instructions for interacting with me using PR comments are available here. If you have questions or suggestions related to my behavior, please file an issue against the kubernetes-sigs/prow repository.

[yuumasato]

/test 4.15-e2e-aws-rhcos4-moderate
/test 4.16-e2e-aws-rhcos4-moderate

[github-actions]

Start a new ephemeral environment with changes proposed in this pull request:

Fedora Environment

Oracle Linux 8 Environment

[github-actions]

🤖 A k8s content image for this PR is available at:
ghcr.io/complianceascode/k8scontent:12069
This image was built from commit: 450ba39

Click here to see how to deploy it

If you alread have Compliance Operator deployed:
utils/build_ds_container.py -i ghcr.io/complianceascode/k8scontent:12069

Otherwise deploy the content and operator together by checking out ComplianceAsCode/compliance-operator and:
CONTENT_IMAGE=ghcr.io/complianceascode/k8scontent:12069 make deploy-local

[codeclimate]

Code Climate has analyzed commit 450ba39 and detected 0 issues on this pull request.

The test coverage on the diff in this pull request is 100.0% (50% is the threshold).

This pull request will bring the total coverage in the repository to 59.4% (0.0% change).

View more on Code Climate.

[xiaojiey]

/hold for test

[xiaojiey]

Verification pass with ghcr.io/complianceascode/k8scontent:12069

1. Create a custom machineconfigpool called wrscan;
2. Create a scansetting named test with wrscan role;
3. Create a ssb with moderate profiles and test scansetting
4. Trigger a rescan until all cr get applied
5. Trigger another rescan to get the final result   
% oc get ccr -l compliance.openshift.io/automated-remediation=,compliance.openshift.io/check-status=FAIL,compliance.openshift.io/suite=moderate-test
No resources found in openshift-compliance namespace.
% oc get ccr | grep audit-backlog-limit-kernel-argument 
rhcos4-moderate-wrscan-coreos-audit-backlog-limit-kernel-argument                                            FAIL     medium
upstream-rhcos4-moderate-wrscan-coreos-audit-backlog-limit-kernel-argument                                   PASS     medium

[xiaojiey]

/unhold

[rhmdnd]

/lgtm

[yuumasato]

Merging based on Dev and QE reviews.