Actions
Tracker #10207
closed
OpenSCAP content distributing design
Status:
Closed
Priority:
Normal
Assignee:
-
Target version:
-
% Done:
0%
Description
Preface¶
In the current state of foreman_openscap, a user can upload scap_content to foreman_openscap. Yet the user needs also to upload the same content to the client host and save it in the location that puppet-foreman_scap_client expects it to be.
Design
¶
Content distribution:¶
- Expose a url on Satellite for downloading the scap file for the policy (/api/compliance/policies//content)
- OpenSCAP plugin on Proxy serves as a (dumb) proxy to the above url (meaning, calling something like: https://<proxy_url>/compliance/policies/<policy_id>/content will fetch the xml from https://<foreman_url>/api/compliance/policies/<policy_id>/content)
- When foreman_scap_client starts running, it checks if the file configured by puppet exists. If it exists, it will resume operation. If it doesn’t exist, it will download the file from the Proxy and resume its operation.
Updated by Shlomi Zadok about 10 years ago
- Related to Feature #10203: As a user I want RHEL default content pre-configured in foreman_openscap added
Updated by Shlomi Zadok about 10 years ago
- Related to Feature #10204: As a user I want to have a rake task which bulk uploads scap contents to foreman_openscap added
Updated by Shlomi Zadok about 10 years ago
- Related to Feature #10206: As a user I want puppet to automatically configure download url for foreman_scap_client added
Updated by Shlomi Zadok about 10 years ago
- Related to Feature #10205: As a user I want that scap content will be distributed to the client hosts when I assign a policy to a host / hostgroup added
Actions