Bug 1464422 - [RFE] OpenSCAP Profile should throw an error for non RHEL Images
[RFE] OpenSCAP Profile should throw an error for non RHEL Images
Status: NEW
Product: Red Hat CloudForms Management Engine
Classification: Red Hat
Component: Security (Show other bugs)
5.8.0
Unspecified Unspecified
unspecified Severity unspecified
: GA
: cfme-future
Assigned To: Loic Avenel
Dave Johnson
container
: FutureFeature
Depends On:
Blocks:
  Show dependency treegraph
 
Reported: 2017-06-23 07:58 EDT by Lutz Lange
Modified: 2018-05-04 15:38 EDT (History)
7 users (show)

See Also:
Fixed In Version:
Doc Type: If docs needed, set a value
Doc Text:
Story Points: ---
Clone Of:
Environment:
Last Closed:
Type: Bug
Regression: ---
Mount Type: ---
Documentation: ---
CRM:
Verified Versions:
Category: ---
oVirt Team: ---
RHEL 7.3 requirements from Atomic Host:
Cloudforms Team: Container Management


Attachments (Terms of Use)

  None (edit)
Description Lutz Lange 2017-06-23 07:58:32 EDT
Description of problem:
We do have the security profile for RHEL RPM based content only. The scan should reflect this. 

Don't let the scan mark images as compliant for non RHEL based images. 
It needs to be obvious in CF that this scan does not make sense.
Comment 2 Lutz Lange 2017-06-23 08:00:04 EDT
This is in regards to the OpenSCAP container scanning feature with OpenShift 3.5. I did use a centos based ruby s2i application by accident and it found no vulnerabilities as there was no OpenSCAP info available.

Note You need to log in before you can comment on or make changes to this bug.