Uploaded image for project: 'Cloud Infrastructure Security & Compliance'
  1. Cloud Infrastructure Security & Compliance
  2. CMP-3728

Able to create scan settings that auto-apply remediations on ROSA

XMLWordPrintable

    • Icon: Bug Bug
    • Resolution: Unresolved
    • Icon: Major Major
    • None
    • None
    • Compliance Operator
    • None
    • Quality / Stability / Reliability
    • False
    • Hide

      None

      Show
      None
    • False

      ROSA HCP doesn't support remediations, since many remediations require access to the control plane, which isn't possible in the HCP architecture.

      We already have some logic in the Compliance Operator that skips creating the `default-auto-apply` scan setting when running on ROSA HCP.

      https://github.com/ComplianceAsCode/compliance-operator/blob/master/cmd/manager/operator.go#L670

      We should also apply this same logic to the ScanSetting reconcile loop so that it doesn't let users create scan settings with `autoApplyRemediations: true` if they're on a platform that doesn't support it.

              lbragsta@redhat.com Lance Bragstad
              lbragsta@redhat.com Lance Bragstad
              Votes:
              0 Vote for this issue
              Watchers:
              1 Start watching this issue

                Created:
                Updated: