Bug 1463444

Summary: [RFE] Host ACTION for running adhoc openscap scans on hosts
Product: Red Hat Satellite Reporter: Sean V. Thompson <seant>
Component: SCAP PluginAssignee: satellite6-bugs <satellite6-bugs>
Status: CLOSED DUPLICATE QA Contact:
Severity: unspecified Docs Contact:
Priority: unspecified    
Version: 6.2.7CC: mhulan, oprazak, szadok
Target Milestone: Unspecified   
Target Release: Unused   
Hardware: Unspecified   
OS: Unspecified   
Whiteboard:
Fixed In Version: Doc Type: If docs needed, set a value
Doc Text:
Story Points: ---
Clone Of: Environment:
Last Closed: 2017-06-21 07:07:31 UTC Type: Bug
Regression: --- Mount Type: ---
Documentation: --- CRM:
Verified Versions: Category: ---
oVirt Team: --- RHEL 7.3 requirements from Atomic Host:
Cloudforms Team: --- Target Upstream Version:
Embargoed:

Description Sean V. Thompson 2017-06-21 00:09:50 UTC 
Description of problem:
Right now we can schedule a openscap scan but can't trigger one at will.

Version-Release number of selected component (if applicable):
Satellite 6.2.7


Actual results:
Once I have assigned a policy and [cronjob] schedule to a host, there's no way to trigger an adhoc scan. I currently have to ssh in to the client/host and run 

cat /etc/foreman_scap_client/config.yaml

to get the policy number. I then have to run

foreman_scap_client <policy number>

to get the scan to upload to my satellite server.

To make this more seamless in satellite, I just created a 'Run Command - SSH Default through SSH' with this command 'foreman_scap_client 1' and I can execute it against the machine without having to do the above. NOTE: This assumes '1' is the intended policy number.

Expected results:
There should be a openscap scan ACTION after assigning a policy(ies) to a host.



Additional info:
cat /etc/foreman_scap_client/config.yaml

it would be nice if the documentation told me I needed to open port 9090 on the satellite server to get this to work. Fortunately, the foreman_scap_client command will complain that the port isn't open and then I manually opened it.
Comment 1 Ondřej Pražák 2017-06-21 07:07:31 UTC 
Thank you for submitting this request. We already track a similar item, therefore I will mark this as a duplicate. Feel free to reopen if I misunderstood and the linked issue does not cover your use case.

*** This bug has been marked as a duplicate of bug 1339715 ***