Enable security scanning

Change-Id: Ib179ee6b2fcc7cf6c9ac522fdb83755ecbb99f52
Signed-off-by: Luke Hinds <lukehinds@gmail.com>

diff --git a/ci/exec_test.sh b/ci/exec_test.sh
index 2269aa7..3af1649 100755 (executable)
--- a/ci/exec_test.sh
+++ b/ci/exec_test.sh
@@ -134,8 +134,7 @@ function run_test(){
             # ${repos_dir}/ovno/Testcases/RunTests.sh
         ;;
         "security_scan")
-            # To be enabled once verified manually
-            # python ${FUNCTEST_REPO_DIR}/Testcases/security_scan/security_scan.py --config config.ini
+            python ${FUNCTEST_REPO_DIR}/testcases/security_scan/security_scan.py --config ${FUNCTEST_REPO_DIR}/testcases/security_scan/config.ini
         ;;
         *)
             echo "The test case '${test_name}' does not exist."

diff --git a/testcases/security_scan/config.ini b/testcases/security_scan/config.ini
index bfbcf82..9d97fc1 100644 (file)
--- a/testcases/security_scan/config.ini
+++ b/testcases/security_scan/config.ini
@@ -10,7 +10,7 @@ user = heat-admin
 scantype = xccdf
 secpolicy = /usr/share/xml/scap/ssg/content/ssg-centos7-xccdf.xml
 cpe = /usr/share/xml/scap/ssg/content/ssg-rhel7-cpe-dictionary.xml
-profile = standard
+profile = stig-rhel7-server-upstream
 report = report.hmtl
 results = results.xml
 reports_dir=/home/opnfv/functest/results/security_scan/
@@ -22,7 +22,7 @@ user = heat-admin
 scantype = xccdf
 secpolicy = /usr/share/xml/scap/ssg/content/ssg-centos7-xccdf.xml
 cpe = /usr/share/xml/scap/ssg/content/ssg-rhel7-cpe-dictionary.xml
-profile = standard
+profile = sstig-rhel7-server-upstream
 report = report.hmtl
 results = results.xml
 reports_dir=/home/opnfv/functest/results/security_scan/