Bug 1459189

Shout (In reply to Loic Avenel from comment #0)
> Description of problem: Allow to specify by Provider Location of OpenStack
> file and ImageScan, this is important for customers with OpenShift that has
> not access to Internet

Please read OpenScap file and not OpenStack

(In reply to Loic Avenel from comment #0)
> Description of problem: Allow to specify by Provider Location of OpenStack
> file and ImageScan, this is important for customers with OpenShift that has
> not access to Internet

Loic, we already have:

- bug 1379185 for the CVE definitions URL (open ATM)
- bug 1378007 for the image-inspector configuration (verified)

I am OK to keep this BZ as well but it may need a slight different connotation I suppose.

So I am transforming this into the UI side (having a page to configure the above settings).
Feel free to re-arrange this BZ if you think otherwise.

I think from title this talks about configuring image-inspector differently per provider?  bug 1378007 was one global setting.

Assuming that's the goal:
I hope we can stop kludging provider custom attributes.  We need a generic mechanism for per-provider setting overrides.

This requires the per-provider instance advanced settings.

Erez can you add the relevant PRs here?
Please move to ON_DEV if you have all the PRs up for review.

The main PR in the UI, still WIP:
https://github.com/ManageIQ/manageiq-ui-classic/pull/1652

It depends on:
ManageIQ/manageiq#15398
ManageIQ/manageiq-schema#23
ManageIQ/manageiq-providers-kubernetes#45
ManageIQ/manageiq-providers-openshift#32

Verify on cfme 5.9.0.8.
update CVE location with value https://www.redhat.com/security/data/metrics/ds --> SSA work OK.

update CVE location with wrong value  https://www.redhat.com/security/data/metrics --> SSA fail with Unable to run OpenSCAP: OpenSCAP error as expected.

Update image_inspector_registry with wrong value: docker (instead of docker.io) --> SSA fail with "job timed out after 1250.265938917 seconds of inactivity" error as expected.

The error message that I get is different, no mention problem with CVE file :

“Unable to run OpenSCAP: OpenSCAP error: 1: exit status 1 Input: [xccdf eval --results-arf /var/tmp/image-inspector-scan-results-274495225/results-arf.xml /tmp/com.redhat.rhsa-RHEL7.ds.xml.bz2] Output: OpenSCAP Error: xmlParseEntityRef: no name [oscap_source.c:278] Entity: line 79: parser error : Entity 'copy' not defined <li>Copyright &copy;2014 Red Hat, Inc.</li> ^ Entity: line 124: parser error : EntityRef: expecting ';' ="https://smtrcs.redhat.com/b/ss/redhatcom,redhatglobal/1/H.25.4--NS/0?[AQB]&cdp ^ Entity: line 124: parser error : xmlParseEntityRef: no name ttps://smtrcs.redhat.com/b/ss/redhatcom,redhatglobal/1/H.25.4--NS/0?[AQB]&cdp=3& ^ Unable to parse XML at: '/tmp/com.redhat.rhsa-RHEL7.ds.xml.bz2' [oscap_source.c:280]”

Erez lets look at that tomorrow.

Erez do you need me to open BZ on that?

BZ 1512824 - Error message correction in case of wrong CVE Loaction value on provider advance settings
https://bugzilla.redhat.com/show_bug.cgi?id=1512824

have been open for track the error message issue.

Since the problem described in this bug report should be
resolved in a recent advisory, it has been closed with a
resolution of ERRATA.

For information on the advisory, and where to find the updated
files, follow the link below.

If the solution does not work for you, open a new bug report.

https://access.redhat.com/errata/RHSA-2018:0380