From 5f2fca1fc5620b92c167247177c9146be652abc2 Mon Sep 17 00:00:00 2001
From: Lance Bragstad
Date: Tue, 3 Sep 2024 11:04:53 -0500
Subject: [PATCH] Update assertions for ingress controller TLS check
We recently incorporated a new rule into the CIS profile that checks ingress controller TLS configs: https://github.com/ComplianceAsCode/content/pull/12220 We added it to the CIS profile, but didn't update the assertions in the moderate or high profiles, which is causing periodic CI to fail. This commit adds the assertion to the moderate and high test files so we're checking it in subsequent CI runs.
---
 tests/assertions/ocp4/ocp4-cis-4.17.yml | 3 +++
 tests/assertions/ocp4/ocp4-high-4.13.yml | 3 +++
 tests/assertions/ocp4/ocp4-high-4.14.yml | 3 +++
 tests/assertions/ocp4/ocp4-high-4.15.yml | 3 +++
 tests/assertions/ocp4/ocp4-high-4.16.yml | 3 +++
 tests/assertions/ocp4/ocp4-high-4.17.yml | 3 +++
 tests/assertions/ocp4/ocp4-moderate-4.13.yml | 3 +++
 tests/assertions/ocp4/ocp4-moderate-4.14.yml | 3 +++
 tests/assertions/ocp4/ocp4-moderate-4.15.yml | 3 +++
 tests/assertions/ocp4/ocp4-moderate-4.16.yml | 3 +++
 tests/assertions/ocp4/ocp4-moderate-4.17.yml | 3 +++
 11 files changed, 33 insertions(+)
diff --git a/tests/assertions/ocp4/ocp4-cis-4.17.yml b/tests/assertions/ocp4/ocp4-cis-4.17.yml
index 51364e1ed366..35c567940369 100644
--- a/tests/assertions/ocp4/ocp4-cis-4.17.yml
+++ b/tests/assertions/ocp4/ocp4-cis-4.17.yml
@@ -293,3 +293,6 @@ rule_results:
 e2e-cis-secrets-no-environment-variables:
 default_result: MANUAL
 result_after_remediation: MANUAL
+ e2e-cis-kubelet-configure-tls-cipher-suites-ingresscontroller:
+ default_result: FAIL
+ result_after_remediation: PASS
diff --git a/tests/assertions/ocp4/ocp4-high-4.13.yml b/tests/assertions/ocp4/ocp4-high-4.13.yml
index dc9407ed83dd..4cff01b6b48e 100644
--- a/tests/assertions/ocp4/ocp4-high-4.13.yml
+++ b/tests/assertions/ocp4/ocp4-high-4.13.yml
@@ -376,3 +376,6 @@ rule_results:
 default_result: MANUAL
 e2e-high-secrets-no-environment-variables:
 default_result: MANUAL
+ e2e-high-kubelet-configure-tls-cipher-suites-ingresscontroller:
+ default_result: FAIL
+ result_after_remediation: PASS
diff --git a/tests/assertions/ocp4/ocp4-high-4.14.yml b/tests/assertions/ocp4/ocp4-high-4.14.yml
index 79f27d693d9c..40ef217c9f0a 100644
--- a/tests/assertions/ocp4/ocp4-high-4.14.yml
+++ b/tests/assertions/ocp4/ocp4-high-4.14.yml
@@ -376,3 +376,6 @@ rule_results:
 default_result: MANUAL
 e2e-high-secrets-no-environment-variables:
 default_result: MANUAL
+ e2e-high-kubelet-configure-tls-cipher-suites-ingresscontroller:
+ default_result: FAIL
+ result_after_remediation: PASS
diff --git a/tests/assertions/ocp4/ocp4-high-4.15.yml b/tests/assertions/ocp4/ocp4-high-4.15.yml
index 23e7ef5e3108..c240c235423a 100644
--- a/tests/assertions/ocp4/ocp4-high-4.15.yml
+++ b/tests/assertions/ocp4/ocp4-high-4.15.yml
@@ -403,3 +403,6 @@ rule_results:
 e2e-high-secrets-no-environment-variables:
 default_result: MANUAL
 result_after_remediation: MANUAL
+ e2e-high-kubelet-configure-tls-cipher-suites-ingresscontroller:
+ default_result: FAIL
+ result_after_remediation: PASS
diff --git a/tests/assertions/ocp4/ocp4-high-4.16.yml b/tests/assertions/ocp4/ocp4-high-4.16.yml
index 23e7ef5e3108..c240c235423a 100644
--- a/tests/assertions/ocp4/ocp4-high-4.16.yml
+++ b/tests/assertions/ocp4/ocp4-high-4.16.yml
@@ -403,3 +403,6 @@ rule_results:
 e2e-high-secrets-no-environment-variables:
 default_result: MANUAL
 result_after_remediation: MANUAL
+ e2e-high-kubelet-configure-tls-cipher-suites-ingresscontroller:
+ default_result: FAIL
+ result_after_remediation: PASS
diff --git a/tests/assertions/ocp4/ocp4-high-4.17.yml b/tests/assertions/ocp4/ocp4-high-4.17.yml
index c3e9bd411cef..9e56115478fb 100644
--- a/tests/assertions/ocp4/ocp4-high-4.17.yml
+++ b/tests/assertions/ocp4/ocp4-high-4.17.yml
@@ -404,3 +404,6 @@ rule_results:
 e2e-high-secrets-no-environment-variables:
 default_result: MANUAL
 result_after_remediation: MANUAL
+ e2e-high-kubelet-configure-tls-cipher-suites-ingresscontroller:
+ default_result: FAIL
+ result_after_remediation: PASS
diff --git a/tests/assertions/ocp4/ocp4-moderate-4.13.yml b/tests/assertions/ocp4/ocp4-moderate-4.13.yml
index c23d2e5e8baf..612900dc69a4 100644
--- a/tests/assertions/ocp4/ocp4-moderate-4.13.yml
+++ b/tests/assertions/ocp4/ocp4-moderate-4.13.yml
@@ -394,3 +394,6 @@ rule_results:
 e2e-moderate-secrets-no-environment-variables:
 default_result: MANUAL
 result_after_remediation: MANUAL
+ e2e-moderate-kubelet-configure-tls-cipher-suites-ingresscontroller:
+ default_result: FAIL
+ result_after_remediation: PASS
diff --git a/tests/assertions/ocp4/ocp4-moderate-4.14.yml b/tests/assertions/ocp4/ocp4-moderate-4.14.yml
index 12bff0d98dac..afa14a469d59 100644
--- a/tests/assertions/ocp4/ocp4-moderate-4.14.yml
+++ b/tests/assertions/ocp4/ocp4-moderate-4.14.yml
@@ -394,3 +394,6 @@ rule_results:
 e2e-moderate-secrets-no-environment-variables:
 default_result: MANUAL
 result_after_remediation: MANUAL
+ e2e-moderate-kubelet-configure-tls-cipher-suites-ingresscontroller:
+ default_result: FAIL
+ result_after_remediation: PASS
diff --git a/tests/assertions/ocp4/ocp4-moderate-4.15.yml b/tests/assertions/ocp4/ocp4-moderate-4.15.yml
index aa440cbb0c11..037cf1fa00f1 100644
--- a/tests/assertions/ocp4/ocp4-moderate-4.15.yml
+++ b/tests/assertions/ocp4/ocp4-moderate-4.15.yml
@@ -368,3 +368,6 @@ rule_results:
 default_result: MANUAL
 e2e-moderate-secrets-no-environment-variables:
 default_result: MANUAL
+ e2e-moderate-kubelet-configure-tls-cipher-suites-ingresscontroller:
+ default_result: FAIL
+ result_after_remediation: PASS
diff --git a/tests/assertions/ocp4/ocp4-moderate-4.16.yml b/tests/assertions/ocp4/ocp4-moderate-4.16.yml
index 12bff0d98dac..afa14a469d59 100644
--- a/tests/assertions/ocp4/ocp4-moderate-4.16.yml
+++ b/tests/assertions/ocp4/ocp4-moderate-4.16.yml
@@ -394,3 +394,6 @@ rule_results:
 e2e-moderate-secrets-no-environment-variables:
 default_result: MANUAL
 result_after_remediation: MANUAL
+ e2e-moderate-kubelet-configure-tls-cipher-suites-ingresscontroller:
+ default_result: FAIL
+ result_after_remediation: PASS
diff --git a/tests/assertions/ocp4/ocp4-moderate-4.17.yml b/tests/assertions/ocp4/ocp4-moderate-4.17.yml
index 5e4e3730b78e..867aa8a10ff3 100644
--- a/tests/assertions/ocp4/ocp4-moderate-4.17.yml
+++ b/tests/assertions/ocp4/ocp4-moderate-4.17.yml
@@ -395,3 +395,6 @@ rule_results:
 e2e-moderate-secrets-no-environment-variables:
 default_result: MANUAL
 result_after_remediation: MANUAL
+ e2e-moderate-kubelet-configure-tls-cipher-suites-ingresscontroller:
+ default_result: FAIL
+ result_after_remediation: PASS
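Review bot: The new `e2e-moderate-kubelet-configure-tls-cipher-suites-ingresscontroller` entry carries a `kubelet-` prefix, yet the commit subject describes it as the ingress controller TLS check, so someone triaging an unexpected scan result here may start with the wrong component. A one-line comment above the entry would settle that, for example `# Checks the ingress controller TLS cipher suites, not the kubelet, despite the rule name`. The same applies to the matching entry in the other ten hunks (the CIS 4.17 file and the high and moderate files for 4.13 through 4.17). The entry is also appended after `secrets-no-environment-variables`; if these files are kept sorted by rule name, which the hunks alone do not show, it would belong earlier in the list, where a duplicate key would also be easier to spot.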