-
Bug
-
Resolution: Unresolved
-
Critical
-
None
-
None
-
False
-
-
False
-
-
Description of problem:
The scans with rhcos4 profiles will return NOT-APPLICABLE with RHCOS10. Seems the profile's platform detection logic explicitly checks for RHCOS version 4.x or 9.x, $ oc get scan NAME PHASE RESULT rhcos4-moderate-master DONE NOT-APPLICABLE rhcos4-moderate-worker DONE NOT-APPLICABLE oc logs -n openshift-compliance openscap-pod-0ab016e50e1ecb20a64b56b62b8c349ed797d14a -c scanner … Title^M Configure SSH to use System Crypto Policy Rule^M xccdf_org.ssgproject.content_rule_configure_ssh_crypto_policy I: oscap: Evaluating XCCDF rule 'xccdf_org.ssgproject.content_rule_configure_ssh_crypto_policy'. I: oscap: Evaluating definition 'oval:ssg-installed_OS_is_rhcos4:def:1': Red Hat Enterprise Linux CoreOS. I: oscap: Definition 'oval:ssg-installed_OS_is_rhcos4:def:1' evaluated as false. I: oscap: Rule 'xccdf_org.ssgproject.content_rule_configure_ssh_crypto_policy' is not applicable. Result^M notapplicable …
Version-Release number of selected component (if applicable):
4.21.0-ec.3
How reproducible:
Always
Steps to Reproduce:
- Install cluster with payload 4.21.0-ec.3
- Install Compliance Operatorv1.8.0
- Create a ssb with rhcos4-moderate profile
Actual results:
The scans with rhcos4 profiles will return NOT-APPLICABLE with RHCOS10
Expected results:
The scans with rhcos4 profiles should return COMPLIANT or NON-COMPLIANT with RHCOS10
Additional info: