Bug 1464422 - [RFE] OpenSCAP Profile should throw an error for non RHEL Images
Summary: [RFE] OpenSCAP Profile should throw an error for non RHEL Images
Keywords:
Status: CLOSED WONTFIX
Alias: None
Product: Red Hat CloudForms Management Engine
Classification: Red Hat
Component: Security
Version: 5.8.0
Hardware: Unspecified
OS: Unspecified
unspecified
unspecified
Target Milestone: GA
: cfme-future
Assignee: Loic Avenel
QA Contact: Dave Johnson
URL:
Whiteboard: container
Depends On:
Blocks:
TreeView+ depends on / blocked
 
Reported: 2017-06-23 11:58 UTC by Lutz Lange
Modified: 2018-07-01 18:43 UTC (History)
6 users (show)

Fixed In Version:
Doc Type: If docs needed, set a value
Doc Text:
Clone Of:
Environment:
Last Closed: 2018-07-01 18:43:45 UTC
Category: ---
Cloudforms Team: Container Management
Target Upstream Version:
Embargoed:


Attachments (Terms of Use)

Description Lutz Lange 2017-06-23 11:58:32 UTC
Description of problem:
We do have the security profile for RHEL RPM based content only. The scan should reflect this. 

Don't let the scan mark images as compliant for non RHEL based images. 
It needs to be obvious in CF that this scan does not make sense.

Comment 2 Lutz Lange 2017-06-23 12:00:04 UTC
This is in regards to the OpenSCAP container scanning feature with OpenShift 3.5. I did use a centos based ruby s2i application by accident and it found no vulnerabilities as there was no OpenSCAP info available.


Note You need to log in before you can comment on or make changes to this bug.