OCPBUGS-38312: Add auto-remediation for rule service_systemd-coredump_disabled

[xiaojiey]

Description:

Add auto-remediation for rule service_systemd-coredump_disabled

Rationale:

• Rationale here. Replace this text. Don't use the italics format!

1. add auto-remediation for rule service_systemd-coredump_disabled
   The rule rule service_systemd-coredump_disabled with below machineconfig for ocp:
   `apiVersion: machineconfiguration.openshift.io/v1
   kind: MachineConfig
   spec:
   config:
   ignition:
   version: 3.1.0
   systemd:
   units:
   • name: systemd-coredump.socket
     enabled: false
     mask: true
   • name: systemd-coredump.service
     enabled: false
     mask: true`
2. update e2e test results

Review Hints:

[jan-cerny]

@xiaojiey Please fill the PR description.

[xiaojiey]

/test e2e-rhcos4-moderate

[openshift-ci]

@xiaojiey: The specified target(s) for /test were not found.
The following commands are available to trigger required jobs:

/test 4.12-e2e-aws-ocp4-cis

/test 4.12-e2e-aws-ocp4-cis-node

/test 4.12-e2e-aws-ocp4-e8

/test 4.12-e2e-aws-ocp4-high

/test 4.12-e2e-aws-ocp4-high-node

/test 4.12-e2e-aws-ocp4-moderate

/test 4.12-e2e-aws-ocp4-moderate-node

/test 4.12-e2e-aws-ocp4-pci-dss

/test 4.12-e2e-aws-ocp4-pci-dss-4-0

/test 4.12-e2e-aws-ocp4-pci-dss-node

/test 4.12-e2e-aws-ocp4-pci-dss-node-4-0

/test 4.12-e2e-aws-ocp4-stig

/test 4.12-e2e-aws-ocp4-stig-node

/test 4.12-e2e-aws-rhcos4-e8

/test 4.12-e2e-aws-rhcos4-high

/test 4.12-e2e-aws-rhcos4-moderate

/test 4.12-e2e-aws-rhcos4-stig

/test 4.12-images

/test 4.13-e2e-aws-ocp4-bsi

/test 4.13-e2e-aws-ocp4-bsi-node

/test 4.13-e2e-aws-ocp4-cis

/test 4.13-e2e-aws-ocp4-cis-node

/test 4.13-e2e-aws-ocp4-e8

/test 4.13-e2e-aws-ocp4-high

/test 4.13-e2e-aws-ocp4-high-node

/test 4.13-e2e-aws-ocp4-moderate

/test 4.13-e2e-aws-ocp4-moderate-node

/test 4.13-e2e-aws-ocp4-pci-dss

/test 4.13-e2e-aws-ocp4-pci-dss-4-0

/test 4.13-e2e-aws-ocp4-pci-dss-node

/test 4.13-e2e-aws-ocp4-pci-dss-node-4-0

/test 4.13-e2e-aws-ocp4-stig

/test 4.13-e2e-aws-ocp4-stig-node

/test 4.13-e2e-aws-rhcos4-bsi

/test 4.13-e2e-aws-rhcos4-e8

/test 4.13-e2e-aws-rhcos4-high

/test 4.13-e2e-aws-rhcos4-moderate

/test 4.13-e2e-aws-rhcos4-stig

/test 4.13-images

/test 4.14-e2e-aws-ocp4-bsi

/test 4.14-e2e-aws-ocp4-bsi-node

/test 4.14-e2e-aws-ocp4-pci-dss-4-0

/test 4.14-e2e-aws-ocp4-pci-dss-node-4-0

/test 4.14-e2e-aws-rhcos4-bsi

/test 4.14-images

/test 4.15-e2e-aws-ocp4-bsi

/test 4.15-e2e-aws-ocp4-bsi-node

/test 4.15-e2e-aws-ocp4-cis

/test 4.15-e2e-aws-ocp4-cis-node

/test 4.15-e2e-aws-ocp4-e8

/test 4.15-e2e-aws-ocp4-high

/test 4.15-e2e-aws-ocp4-high-node

/test 4.15-e2e-aws-ocp4-moderate

/test 4.15-e2e-aws-ocp4-moderate-node

/test 4.15-e2e-aws-ocp4-pci-dss

/test 4.15-e2e-aws-ocp4-pci-dss-4-0

/test 4.15-e2e-aws-ocp4-pci-dss-node

/test 4.15-e2e-aws-ocp4-pci-dss-node-4-0

/test 4.15-e2e-aws-ocp4-stig

/test 4.15-e2e-aws-ocp4-stig-node

/test 4.15-e2e-aws-rhcos4-bsi

/test 4.15-e2e-aws-rhcos4-e8

/test 4.15-e2e-aws-rhcos4-high

/test 4.15-e2e-aws-rhcos4-moderate

/test 4.15-e2e-aws-rhcos4-stig

/test 4.15-e2e-rosa-ocp4-cis-node

/test 4.15-e2e-rosa-ocp4-pci-dss-node

/test 4.15-images

/test 4.16-e2e-aws-ocp4-bsi

/test 4.16-e2e-aws-ocp4-bsi-node

/test 4.16-e2e-aws-ocp4-cis

/test 4.16-e2e-aws-ocp4-cis-node

/test 4.16-e2e-aws-ocp4-e8

/test 4.16-e2e-aws-ocp4-high

/test 4.16-e2e-aws-ocp4-high-node

/test 4.16-e2e-aws-ocp4-moderate

/test 4.16-e2e-aws-ocp4-moderate-node

/test 4.16-e2e-aws-ocp4-pci-dss

/test 4.16-e2e-aws-ocp4-pci-dss-4-0

/test 4.16-e2e-aws-ocp4-pci-dss-node

/test 4.16-e2e-aws-ocp4-pci-dss-node-4-0

/test 4.16-e2e-aws-ocp4-stig

/test 4.16-e2e-aws-ocp4-stig-node

/test 4.16-e2e-aws-rhcos4-bsi

/test 4.16-e2e-aws-rhcos4-e8

/test 4.16-e2e-aws-rhcos4-high

/test 4.16-e2e-aws-rhcos4-moderate

/test 4.16-e2e-aws-rhcos4-stig

/test 4.16-images

/test 4.17-e2e-aws-ocp4-bsi

/test 4.17-e2e-aws-ocp4-bsi-node

/test 4.17-e2e-aws-ocp4-cis

/test 4.17-e2e-aws-ocp4-cis-node

/test 4.17-e2e-aws-ocp4-e8

/test 4.17-e2e-aws-ocp4-high

/test 4.17-e2e-aws-ocp4-high-node

/test 4.17-e2e-aws-ocp4-moderate

/test 4.17-e2e-aws-ocp4-moderate-node

/test 4.17-e2e-aws-ocp4-pci-dss

/test 4.17-e2e-aws-ocp4-pci-dss-4-0

/test 4.17-e2e-aws-ocp4-pci-dss-node

/test 4.17-e2e-aws-ocp4-pci-dss-node-4-0

/test 4.17-e2e-aws-ocp4-stig

/test 4.17-e2e-aws-ocp4-stig-node

/test 4.17-e2e-aws-rhcos4-bsi

/test 4.17-e2e-aws-rhcos4-e8

/test 4.17-e2e-aws-rhcos4-high

/test 4.17-e2e-aws-rhcos4-moderate

/test 4.17-e2e-aws-rhcos4-stig

/test 4.17-images

/test 4.18-e2e-aws-ocp4-bsi

/test 4.18-e2e-aws-ocp4-bsi-node

/test 4.18-e2e-aws-ocp4-cis

/test 4.18-e2e-aws-ocp4-cis-node

/test 4.18-e2e-aws-ocp4-e8

/test 4.18-e2e-aws-ocp4-high

/test 4.18-e2e-aws-ocp4-high-node

/test 4.18-e2e-aws-ocp4-moderate

/test 4.18-e2e-aws-ocp4-moderate-node

/test 4.18-e2e-aws-ocp4-pci-dss

/test 4.18-e2e-aws-ocp4-pci-dss-4-0

/test 4.18-e2e-aws-ocp4-pci-dss-node

/test 4.18-e2e-aws-ocp4-pci-dss-node-4-0

/test 4.18-e2e-aws-ocp4-stig

/test 4.18-e2e-aws-ocp4-stig-node

/test 4.18-e2e-aws-rhcos4-bsi

/test 4.18-e2e-aws-rhcos4-e8

/test 4.18-e2e-aws-rhcos4-high

/test 4.18-e2e-aws-rhcos4-moderate

/test 4.18-e2e-aws-rhcos4-stig

/test 4.18-images

/test e2e-aws-ocp4-bsi

/test e2e-aws-ocp4-bsi-node

/test e2e-aws-ocp4-cis

/test e2e-aws-ocp4-cis-arm

/test e2e-aws-ocp4-cis-node

/test e2e-aws-ocp4-cis-node-arm

/test e2e-aws-ocp4-e8

/test e2e-aws-ocp4-high

/test e2e-aws-ocp4-high-node

/test e2e-aws-ocp4-moderate

/test e2e-aws-ocp4-moderate-arm

/test e2e-aws-ocp4-moderate-node

/test e2e-aws-ocp4-moderate-node-arm

/test e2e-aws-ocp4-pci-dss

/test e2e-aws-ocp4-pci-dss-4-0

/test e2e-aws-ocp4-pci-dss-node

/test e2e-aws-ocp4-pci-dss-node-4-0

/test e2e-aws-ocp4-stig

/test e2e-aws-ocp4-stig-node

/test e2e-aws-rhcos4-bsi

/test e2e-aws-rhcos4-e8

/test e2e-aws-rhcos4-high

/test e2e-aws-rhcos4-moderate

/test e2e-aws-rhcos4-moderate-arm

/test e2e-aws-rhcos4-stig

/test images

Use /test all to run the following jobs that were automatically triggered:

pull-ci-ComplianceAsCode-content-master-4.12-images

pull-ci-ComplianceAsCode-content-master-4.13-images

pull-ci-ComplianceAsCode-content-master-4.14-images

pull-ci-ComplianceAsCode-content-master-4.15-images

pull-ci-ComplianceAsCode-content-master-4.16-images

pull-ci-ComplianceAsCode-content-master-4.17-images

pull-ci-ComplianceAsCode-content-master-4.18-images

pull-ci-ComplianceAsCode-content-master-images

In response to this:

/test e2e-rhcos4-moderate

Instructions for interacting with me using PR comments are available here. If you have questions or suggestions related to my behavior, please file an issue against the kubernetes-sigs/prow repository.

[xiaojiey]

Tested with 4.19.0-0.nightly-2025-03-30-191359, I can see the auto-remediation applied and return PASS
% oc get cr | grep coredump
upstream-rhcos4-moderate-master-service-systemd-coredump-disabled Applied
upstream-rhcos4-moderate-worker-service-systemd-coredump-disabled Applied
% oc get ccr | grep coredump-disabled
upstream-rhcos4-moderate-master-service-systemd-coredump-disabled PASS medium
upstream-rhcos4-moderate-worker-service-systemd-coredump-disabled PASS medium

[xiaojiey]

/test 4.18-e2e-aws-rhcos4-moderate

[xiaojiey]

/test e2e-aws-rhcos4-moderate

[xiaojiey]

/test e2e-aws-rhcos4-high

[xiaojiey]

/test 4.12-e2e-aws-rhcos4-high

[codeclimate]

Code Climate has analyzed commit 8fb170f and detected 0 issues on this pull request.

The test coverage on the diff in this pull request is 100.0% (50% is the threshold).

This pull request will bring the total coverage in the repository to 61.9% (0.0% change).

View more on Code Climate.