Plugins » OpenSCAP

Description of problem:

As a user, I may have hundreds or potentially thousands of systems associated with a hostgroup.

As OpenSCAP policies in Foreman are associated with hostgroups, if I have a large number of clients in a hostgroup and an OpenSCAP policy is defined, ALL of the clients will attempt to upload their OpenSCAP reports at the same time.

Ideally, I'd like to see some randomness added into the cron job, which allows the clients to splay their reporting.

Today, an example cron job on a client is

1. HEADER: This file was autogenerated at 2017-07-25 14:19:34 -0400 by puppet.
2. HEADER: While it can still be managed manually, it is definitely not recommended.
3. HEADER: Note particularly that the comments starting with 'Puppet Name' should
4. HEADER: not be deleted, as doing so could cause duplicate cron jobs.
5. Puppet Name: foreman_scap_client_1
   0 1 * * 1 /usr/bin/foreman_scap_client 1

I'd like it to be similar to the below (which adds a 30-600 second random delay)

1. HEADER: This file was autogenerated at 2017-07-25 14:19:34 -0400 by puppet.
2. HEADER: While it can still be managed manually, it is definitely not recommended.
3. HEADER: Note particularly that the comments starting with 'Puppet Name' should
4. HEADER: not be deleted, as doing so could cause duplicate cron jobs.
5. Puppet Name: foreman_scap_client_1
   0 1 * * 1 python -c 'from random import randint; from time import sleep; sleep(randint(30,600))' ; /usr/bin/foreman_scap_client 1

lastly, I'd want the range of randomness configurable by the end-user.