Bug 1464422

Summary: [RFE] OpenSCAP Profile should throw an error for non RHEL Images
Product: Red Hat CloudForms Management Engine Reporter: Lutz Lange <llange>
Component: SecurityAssignee: Loic Avenel <lavenel>
Status: CLOSED WONTFIX QA Contact: Dave Johnson <dajohnso>
Severity: unspecified Docs Contact:
Priority: unspecified    
Version: 5.8.0CC: fsimonce, jhardy, jprause, jrafanie, mtayer, obarenbo
Target Milestone: GAKeywords: FutureFeature
Target Release: cfme-future   
Hardware: Unspecified   
OS: Unspecified   
Whiteboard: container
Fixed In Version: Doc Type: If docs needed, set a value
Doc Text:
Story Points: ---
Clone Of: Environment:
Last Closed: 2018-07-01 18:43:45 UTC Type: Bug
Regression: --- Mount Type: ---
Documentation: --- CRM:
Verified Versions: Category: ---
oVirt Team: --- RHEL 7.3 requirements from Atomic Host:
Cloudforms Team: Container Management Target Upstream Version:
Embargoed:

Description Lutz Lange 2017-06-23 11:58:32 UTC 
Description of problem:
We do have the security profile for RHEL RPM based content only. The scan should reflect this. 

Don't let the scan mark images as compliant for non RHEL based images. 
It needs to be obvious in CF that this scan does not make sense.
Comment 2 Lutz Lange 2017-06-23 12:00:04 UTC 
This is in regards to the OpenSCAP container scanning feature with OpenShift 3.5. I did use a centos based ruby s2i application by accident and it found no vulnerabilities as there was no OpenSCAP info available.