Feature Request
Resolution: Won't Do
1. Proposed title of this feature request
Centralized File Integrity Failure Reporting via Red Hat Advanced Cluster Management (RHACM) Governance
2. What is the nature and description of the request?
The request is to enhance the File Integrity Operator (FIO) to natively integrate with Red Hat Advanced Cluster Management (RHACM), enabling a single, consolidated view of file integrity failures across all managed clusters.
Currently, when a file integrity scan fails, the FIO generates a ConfigMap containing the detailed failure reasons on the local cluster. To view this information for multiple clusters, an administrator must individually log into each cluster, which is not scalable.
This feature requests a mechanism for FIO/Compliance Operator to propagate the File Integrity failure data (currently stored in ConfigMaps) back to the RHACM Hub cluster using the existing Governance, Risk, and Compliance (GRC) framework.
The primary mechanism for this propagation should be:
- A new or enhanced RHACM Policy is defined to monitor the status of the FileIntegrityNodeStatus Custom Resource (CR) on the managed clusters.
- Upon detecting a failure state, the Policy Controller on the managed cluster reports a violation status back to the Hub cluster.
- The violation report includes the relevant details from the failure ConfigMap, or directly surfaces the necessary file change data, providing the full context of the integrity failure without requiring the user to access the managed cluster directly.
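
A sketch of the first two steps using the existing GRC framework, added here as an illustration and not taken from the ticket or from FIO/RHACM themselves. The policy names and the `policies` hub namespace are assumptions, and the FIO install namespace is assumed to be `openshift-file-integrity`.

```yaml
# Added example: hub-side Policy that marks a managed cluster NonCompliant
# when any node's most recent file integrity scan has failed.
# Assumed names: policy-fio-node-status, fio-node-status-failed, "policies".
apiVersion: policy.open-cluster-management.io/v1
kind: Policy
metadata:
  name: policy-fio-node-status
  namespace: policies                 # assumed hub namespace holding policies
spec:
  disabled: false
  remediationAction: inform           # report only, never modify the cluster
  policy-templates:
    - objectDefinition:
        apiVersion: policy.open-cluster-management.io/v1
        kind: ConfigurationPolicy
        metadata:
          name: fio-node-status-failed
        spec:
          remediationAction: inform
          severity: high
          namespaceSelector:
            include:
              - openshift-file-integrity   # assumed FIO install namespace
          object-templates:
            # No metadata.name is given, so every FileIntegrityNodeStatus in
            # the selected namespace is compared against this definition.
            - complianceType: mustnothave
              objectDefinition:
                apiVersion: fileintegrity.openshift.io/v1alpha1
                kind: FileIntegrityNodeStatus
                lastResult:
                  condition: Failed
```

The Policy still needs a Placement and PlacementBinding to reach managed clusters. It reports compliance status to the Hub but does not carry the contents of the failure ConfigMap, which is the gap the third step of the request describes.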
3. Why does the customer need this? (List the business requirements here)
- Administrators need a single pane of glass to quickly identify file integrity failures across tens or hundreds of OpenShift clusters, eliminating the need for manual cluster-by-cluster inspection.
- Reduce the manual overhead and time spent by operations and security teams in gathering and aggregating compliance data, allowing them to focus on remediation rather than data collection.
- Provide a centralized, easily auditable record of all file integrity failures. For regulatory requirements (e.g., PCI-DSS, HIPAA), auditors need to verify that file integrity monitoring is effective and failures are consistently tracked and addressed across the entire infrastructure.
- Enable centralized alerting via the RHACM console or integrated tools (like the RHACM observability component) when a file integrity violation is reported, allowing for immediate triage and faster Mean Time To Detect (MTTD).
- Align file integrity monitoring with the broader security posture management strategy already handled by RHACM's Governance framework, ensuring consistent policy enforcement and reporting.
4. List any affected packages or components.
FIO, RHACM