Bug 1816715
| Summary: | Compliance data upload after package - 'scap-security-guide' update creates duplicate profile on cloud.redhat.com. | ||
|---|---|---|---|
| Product: | Red Hat Hybrid Cloud Console (console.redhat.com) | Reporter: | Amar Huchchanavar <ahuchcha> |
| Component: | Compliance | Assignee: | Daniel Lobato Garcia <dlobatog> |
| Status: | CLOSED CURRENTRELEASE | QA Contact: | Victor M. <vmugicag> |
| Severity: | medium | Docs Contact: | |
| Priority: | unspecified | ||
| Version: | unspecified | CC: | mgoyal, peter.vreman |
| Target Milestone: | --- | ||
| Target Release: | --- | ||
| Hardware: | x86_64 | ||
| OS: | Unspecified | ||
| Whiteboard: | |||
| Fixed In Version: | Doc Type: | If docs needed, set a value | |
| Doc Text: | Story Points: | --- | |
| Clone Of: | Environment: | ||
| Last Closed: | 2020-04-25 15:05:37 UTC | Type: | Bug |
| Regression: | --- | Mount Type: | --- |
| Documentation: | --- | CRM: | |
| Verified Versions: | Category: | --- | |
| oVirt Team: | --- | RHEL 7.3 requirements from Atomic Host: | |
| Cloudforms Team: | --- | Target Upstream Version: | |
| Embargoed: | |||
|
Description
Amar Huchchanavar
2020-03-24 15:31:10 UTC
This is a known issue caused by not displaying the SSG version attached to the policy. With the system's upgrade from RHEL 7.6 to 7.7 the scap-security-guide was also updated to a different version, creating a new profile. since the SSG version is not displayed in the UI at the moment, this looks like a duplicated policy. Assigning RHICOMPL-548. This is really an issue that a new policy is created is per RHEL minor release. With the first servers on RHEL7.8, without any other OS configuration changes, i have now a a 3rd policy created that is for me as end-user looking the same 'Standard System Security Profile for Red Hat Enterprise Linux 7' Alternative: If the policies are per minor release i have also no problem, but then make it visible that it is per minor release and not per major release. Peter In the attached case i have uploaded a screenshot of the current Beta site that makes it visible. Peter, yes, we are working to address this issue. More to come as we discuss our options. Peter, we have a change on the way to make it more visible for now - the reason why you got 3 different reports is that each of these reports is really for a different version of the scap-security-guide package. Each version may have slight differences between rules even for the same policies, which is why they're considered as separate. We're discussing how to move forward with that, however, if you have upgraded all of your systems to RHEL 7.8, you can click on "View report" and delete the ones for 7.6 and 7.7. Daniel, Mohit, Thanks for confirming it is work in progress. Upgrading all systems to a single release (e.g. 7.8) is never going to happen in a SAP world. The unique selling point of RHEL is it EUS and E4S support times to give me time to prepare and align with vendor requirements when we can do minor OS upgrades. Peter Peter and I held a call and I demo-ed the functionality to him. While a slightly different experience, the main concern Peter had I think is addressed via the additional context that I shared. Peter is going to test drive this functionality further and I have committed to him that we can connect again as needed. At this point, I don't see any material change here for this issue for the product. Ignore last comment. Peter and I spoke today. There is a change that is coming, that I also demo-ed to Peter, that will address this issue. This issue has been fixed in the current release. What appeared to be duplicate reports were results that were different versions of SSG for the same policy. Changes have been made in the Reports section of Compliance to make it clear to users that SSGs are different in reports that otherwise appear to look the same. |