From 9e086aa412796cd42090b7d2fc51a6325db1c6b8 Mon Sep 17 00:00:00 2001
From: =?UTF-8?q?Jan=20=C4=8Cern=C3=BD?= <jcerny@redhat.com>
Date: Thu, 10 Oct 2024 15:48:51 +0200
Subject: [PATCH 1/3] Build SCE by default for RHEL 9 and 10

Change the `build_product` convenient script so that it will
build SCE by default for the `rhel9` and `rhel10` product.
---
 build_product | 8 ++++++++
 1 file changed, 8 insertions(+)

diff --git a/build_product b/build_product
index a045dbefd46..c19689f1f44 100755
--- a/build_product
+++ b/build_product
@@ -337,6 +337,13 @@ set_no_derivatives_options() {
 	fi
 }
 
+set_sce_options() {
+	grep -q "SSG_SCE_ENABLED" <<< "$ADDITIONAL_CMAKE_OPTIONS" && return
+	if grep -q 'rhel9\|rhel10' <<< "${_arg_product[*]}"; then
+		CMAKE_OPTIONS+=("-DSSG_SCE_ENABLED:BOOL=ON")
+	fi
+}
+
 set_explict_build_targets() {
 	if test "$_arg_datastream_only" = on || test "$_arg_thin_datastream" = on || test "$_arg_rule_id" != off ; then
 		for chosen_product in "${_arg_product[@]}"; do
@@ -429,6 +436,7 @@ done
 
 CMAKE_OPTIONS=(${ADDITIONAL_CMAKE_OPTIONS} "${build_type_option}" "${oval_major_version_option}" "${oval_minor_version_option}" '-DSSG_PRODUCT_DEFAULT=OFF' "${cmake_enable_args[@]}" -G "$cmake_generator")
 set_no_derivatives_options
+set_sce_options
 if [ "$_arg_ansible_playbooks" = off ] ; then
 	CMAKE_OPTIONS+=("-DSSG_ANSIBLE_PLAYBOOKS_ENABLED:BOOL=OFF")
 fi

From 5abe56ea74145330225ace6ea09aa192fd80e54d Mon Sep 17 00:00:00 2001
From: =?UTF-8?q?Jan=20=C4=8Cern=C3=BD?= <jcerny@redhat.com>
Date: Fri, 11 Oct 2024 15:02:44 +0200
Subject: [PATCH 2/3] Unify location of the SCE option

SCE should be built in Ubuntu 20.04 and 22.04 products. However, this
is specified only in the CI workflow description. In previous commit we
have started to build SCE in RHEL 9 and 10. If we would like to start
testing it in CI, we could do it either by changing the CI workflow
description or the build_product script. It would be less complex if we
could unify it in a single place which is the build_product script.
---
 .github/workflows/gate.yaml | 4 ++--
 build_product               | 3 ++-
 2 files changed, 4 insertions(+), 3 deletions(-)

diff --git a/.github/workflows/gate.yaml b/.github/workflows/gate.yaml
index a874e9d8284..f72a6a3732f 100644
--- a/.github/workflows/gate.yaml
+++ b/.github/workflows/gate.yaml
@@ -95,7 +95,7 @@ jobs:
         run: pip3 install -r requirements.txt -r test-requirements.txt
       - name: Build
         env:
-          ADDITIONAL_CMAKE_OPTIONS: "-DSSG_SCE_ENABLED:BOOL=ON -DSSG_OVAL_SCHEMATRON_VALIDATION_ENABLED=OFF"
+          ADDITIONAL_CMAKE_OPTIONS: "-DSSG_OVAL_SCHEMATRON_VALIDATION_ENABLED=OFF"
         run: |-
           ./build_product ubuntu1604 ubuntu1804 ubuntu2004
       - name: Test
@@ -114,7 +114,7 @@ jobs:
         run: pip3 install -r requirements.txt -r test-requirements.txt
       - name: Build
         env:
-          ADDITIONAL_CMAKE_OPTIONS: "-DSSG_SCE_ENABLED:BOOL=ON -DSSG_OVAL_SCHEMATRON_VALIDATION_ENABLED=OFF"
+          ADDITIONAL_CMAKE_OPTIONS: "-DSSG_OVAL_SCHEMATRON_VALIDATION_ENABLED=OFF"
         run: |-
           ./build_product ubuntu2204
       - name: Test
diff --git a/build_product b/build_product
index c19689f1f44..8685fffc627 100755
--- a/build_product
+++ b/build_product
@@ -339,7 +339,8 @@ set_no_derivatives_options() {
 
 set_sce_options() {
 	grep -q "SSG_SCE_ENABLED" <<< "$ADDITIONAL_CMAKE_OPTIONS" && return
-	if grep -q 'rhel9\|rhel10' <<< "${_arg_product[*]}"; then
+	# These products will build SCE by default
+	if grep -q -E 'rhel9|rhel10|ubuntu2004|ubuntu2204' <<< "${_arg_product[*]}"; then
 		CMAKE_OPTIONS+=("-DSSG_SCE_ENABLED:BOOL=ON")
 	fi
 }

From 7c812c3dc19f81db90972f0cb3b99a27ebeefaef Mon Sep 17 00:00:00 2001
From: =?UTF-8?q?Jan=20=C4=8Cern=C3=BD?= <jcerny@redhat.com>
Date: Fri, 11 Oct 2024 15:07:44 +0200
Subject: [PATCH 3/3] Build SCE on RHEL

---
 scap-security-guide.spec | 4 ++++
 1 file changed, 4 insertions(+)

diff --git a/scap-security-guide.spec b/scap-security-guide.spec
index 71cce48024a..b49fdaf1085 100644
--- a/scap-security-guide.spec
+++ b/scap-security-guide.spec
@@ -58,7 +58,11 @@ present in %{name} package.
 %define centos_8_specific %{nil}
 
 %if 0%{?_rhel_like}
+%if 0%{?_rhel_like} == 7 || 0%{?_rhel_like} == 8
 %define cmake_defines_specific -DSSG_PRODUCT_DEFAULT:BOOLEAN=FALSE -DSSG_PRODUCT_RHEL%{_rhel_like}:BOOLEAN=TRUE -DSSG_CENTOS_DERIVATIVES_ENABLED:BOOL=ON
+%else
+%define cmake_defines_specific -DSSG_PRODUCT_DEFAULT:BOOLEAN=FALSE -DSSG_PRODUCT_RHEL%{_rhel_like}:BOOLEAN=TRUE -DSSG_CENTOS_DERIVATIVES_ENABLED:BOOL=ON -DSSG_SCE_ENABLED:BOOL=ON
+%endif
 %endif
 %if 0%{?fedora}
 %define cmake_defines_specific -DSSG_PRODUCT_DEFAULT:BOOLEAN=FALSE -DSSG_PRODUCT_FEDORA:BOOLEAN=TRUE