Import CY26Q1 STIGs

[Mab879]

Summary by CodeRabbit

Release Notes

• New Features
  • Added new STIG versions across multiple operating systems and platforms, including Amazon Linux 2023, Alma Linux, iOS, macOS, Oracle Linux, RHEL, RKE2, SUSE Linux, Ubuntu, and Windows products.
  • Introduced comprehensive RKE2 security benchmark document with detailed hardening guidance.
  • Updated STIG version metadata with corresponding release dates.

_{✏️ Tip: You can customize this high-level summary in your review settings.}

[coderabbitai]

📝 Walkthrough

Walkthrough

This PR extends STIG version metadata across 16 product configurations by adding new version entries with release dates, introduces a new Amazon Linux 2023 product entry, and publishes a comprehensive RKE2 v2r5 security benchmark XML file with 668 lines of hardening guidance.

Changes

Cohort / File(s)	Summary
New Amazon Linux 2023 Product products/al2023/product.toml	Creates new product entry with full\_name and short\_name fields; defines initial STIG v1r2 with release\_date 2026-01-22
STIG Version Updates products/alma9/product.toml, products/ios18/product.toml, products/macos15/product.toml, products/ol7/product.toml, products/ol8/product.toml, products/ol9/product.toml, products/rhel8/product.toml, products/rhel9/product.toml, products/rke2/product.toml, products/sle12/product.toml, products/srg-kubernetes/product.toml, products/ubuntu2204/product.toml, products/win10/product.toml, products/winserv2019/product.toml, products/winserv2022/product.toml	Adds new STIGs version blocks across 15 products (v1r5, v2r2, v1r6, v3r5, v2r7, v1r4, v2r6, v2r7, v2r5, v3r4, v2r5, v2r7, v3r6, v3r7, v2r7 respectively) with release\_date entries dated 2026-01-22 or 2026-01-23; no modifications to existing entries
RKE2 Security Benchmark products/rke2/v2r5.xml	Introduces comprehensive STIG Benchmark XML defining 116+ security Groups (V-254553–V-268321) covering RKE2 hardening: TLS settings, auditing, authorization, pod security, file permissions, component configuration, PPSM compliance, and admission policies with explicit remediation commands and verification criteria

Estimated code review effort

🎯 2 (Simple) | ⏱️ ~12 minutes

Possibly related PRs

• Add CY25Q4 Updates #202: Modifies the same products' STIG version metadata and adds successive RKE2 benchmark XMLs (v2r4 → v2r5) in parallel versions.

Poem

🐰 Fresh metadata blooms, new versions take flight,
Security benchmarks shine with clarity bright!
RKE2 hardened from V-254 through V-268,
Sixteen products aligned—our STIG timeline is pristine! 🎯

🚥 Pre-merge checks | ✅ 3

✅ Passed checks (3 passed)

Check name	Status	Explanation
Description Check	✅ Passed	Check skipped - CodeRabbit’s high-level summary is enabled.
Title check	✅ Passed	The title clearly and specifically summarizes the main change: importing CY26Q1 (Calendar Year 2026 Quarter 1) STIGs across multiple product files, which is the primary focus of all changes in this PR.
Docstring Coverage	✅ Passed	No functions found in the changed files to evaluate docstring coverage. Skipping docstring coverage check.

_{✏️ Tip: You can configure your own custom pre-merge checks in the settings.}

---

Thanks for using CodeRabbit! It's free for OSS, and your support helps us grow. If you like it, consider giving us a shout-out.

❤️ Share

• X
• Mastodon
• Reddit
• LinkedIn

_{Comment @coderabbitai help to get the list of available commands and usage tips.}

[coderabbitai]

Actionable comments posted: 2

🤖 Fix all issues with AI agents

In `@products/ol7/product.toml`:
- Around line 39-40: Remove the non-existent STIG table [stigs.v3r5] and its
release_date entry from the TOML file; specifically delete the [stigs.v3r5]
section (including the release_date = 2026-01-23 line) so only valid STIG
versions (e.g., v3r3) remain.

In `@products/sle12/product.toml`:
- Around line 25-26: Add a new STIG entry for v3r3 to restore version
continuity: insert a new TOML table [stigs.v3r3] and set release_date =
2025-05-14 near the existing [stigs.v3r4] block in product.toml so the sequence
v3r2 → v3r3 → v3r4 is represented.