Actions
Bug #24781
open
[Rudder 8.1] OpenSCAP technique doesn't show up in GUI after OpenSCAP plugin installation
Pull Request:
Severity:
Minor - inconvenience | misleading | easy workaround
UX impact:
User visibility:
Effort required:
Priority:
0
Name check:
To do
Fix check:
To do
Regression:
No
Description
OpenSCAP technique doesn't show up in GUI after OpenSCAP plugin installation.
Webapp logs :
2024-04-25 06:58:14+0000 INFO bootchecks - Migrate technique.json to technique.yml 2024-04-25 06:58:14+0000 INFO bootchecks.migration.techniques - Checking if some techniques need to be migrated to YAML format 2024-04-25 06:58:14+0000 ERROR com.normation.cfclerk.services.impl.GitTechniqueReader - Can not find the parent (root) category '/OpenSCAP_Policies_plugin/plugin_openscap_policies/1.0' for technique 'plugin_openscap_policies/1.0' 2024-04-25 06:58:15+0000 ERROR com.normation.cfclerk.services.impl.GitTechniqueReader - Can not find the parent (root) category '/OpenSCAP_Policies_plugin/plugin_openscap_policies/1.0' for technique 'plugin_openscap_policies/1.0' 2024-04-25 06:58:16+0000 INFO techniques.reader - Reloading technique library, no modified techniques found
See workaround: https://issues.rudder.io/issues/24781#note-3
Updated by Félix DALLIDET 10 days ago
It looks like the archive import feature does not support anymore.
If a zip archive contains some techniques categories (defined by a category.xml file), the category file is ignored during the import process.
You can easily reproduce it with the latest Openscap plugin version.
Content of its zip archive:
Archive: ./openscap_technique.zip creating: configuration/techniques/ creating: configuration/techniques/OpenSCAP_Policies_plugin/ inflating: configuration/techniques/OpenSCAP_Policies_plugin/category.xml creating: configuration/techniques/OpenSCAP_Policies_plugin/plugin_openscap_policies/ creating: configuration/techniques/OpenSCAP_Policies_plugin/plugin_openscap_policies/1.0/ inflating: configuration/techniques/OpenSCAP_Policies_plugin/plugin_openscap_policies/1.0/technique.yml
But when imported through the API:
2024-04-25 13:02:19+0000 INFO application.archive - Received a new policy archive 'openscap_technique.zip', processing 2024-04-25 13:02:19+0000 TRACE application.archive - Directory 'configuration/techniques/' in archive 'openscap_technique.zip': looking for entries 2024-04-25 13:02:19+0000 TRACE application.archive - Directory 'configuration/techniques/OpenSCAP_Policies_plugin/' in archive 'openscap_technique.zip': looking for entries 2024-04-25 13:02:19+0000 TRACE application.archive - Archive 'openscap_technique.zip': found technique file OpenSCAP_Policies_plugin/category.xml 2024-04-25 13:02:19+0000 TRACE application.archive - Directory 'configuration/techniques/OpenSCAP_Policies_plugin/plugin_openscap_policies/' in archive 'openscap_technique.zip': looking for entries 2024-04-25 13:02:19+0000 TRACE application.archive - Directory 'configuration/techniques/OpenSCAP_Policies_plugin/plugin_openscap_policies/1.0/' in archive 'openscap_technique.zip': looking for entries 2024-04-25 13:02:19+0000 TRACE application.archive - Archive 'openscap_technique.zip': found technique file OpenSCAP_Policies_plugin/plugin_openscap_policies/1.0/technique.yml 2024-04-25 13:02:19+0000 DEBUG application.archive - Processing archive 'openscap_technique.zip': techniques: 'OpenSCAP_Policies_plugin/plugin_openscap_policies/1.0' 2024-04-25 13:02:19+0000 DEBUG application.archive - Processing archive 'openscap_technique.zip': directives: '' 2024-04-25 13:02:19+0000 DEBUG application.archive - Processing archive 'openscap_technique.zip': groups: '' 2024-04-25 13:02:19+0000 DEBUG application.archive - Processing archive 'openscap_technique.zip': rules: '' 2024-04-25 13:02:19+0000 DEBUG application.archive - Processing archive 'openscap_technique.zip': rules: '' 2024-04-25 13:02:19+0000 DEBUG application.archive - Adding technique from archive: 'Plugin Openscap policies' (/var/rudder/configuration-repository/techniques/OpenSCAP_Policies_plugin/plugin_openscap_policies/1.0) 2024-04-25 13:02:19+0000 TRACE application.archive - Deleting technique files for technique 'plugin_openscap_policies/1.0': metadata.xml, technique.cf, technique.ps1 2024-04-25 13:02:19+0000 TRACE application.archive - Writing for commit files for technique 'plugin_openscap_policies/1.0': technique.yml 2024-04-25 13:02:20+0000 INFO policy.generation - Start policy generation, checking updated rules
There is no mention of the category.xml file, and it is not extracted to the configuration-repository folder.
root@server:/var/rudder/packages/rudder-plugin-openscap# tree /var/rudder/configuration-repository/techniques/OpenSCAP_Policies_plugin/
/var/rudder/configuration-repository/techniques/OpenSCAP_Policies_plugin/
└── plugin_openscap_policies
└── 1.0
├── metadata.xml
├── technique.cf
├── technique.ps1
└── technique.yml
3 directories, 4 files
Updated by François ARMAND 10 days ago
- Related to Bug #24789: Archive API for import/export doesn't know about technique or rule categories added
Updated by Félix DALLIDET 10 days ago
A workaround:
ar x rudder-plugin-openscap-8.1.1-2.1.rpkg files.txz tar -xvf files.txz unzip -p openscap_technique.zip configuration/techniques/OpenSCAP_Policies_plugin/category.xml cd /var/rudder/configuration-repository/techniques/OpenSCAP_Policies_plugin/ git add category.xml && git commit -m "Add OpenSCAP Policies plugin category" && rudder server reload-techniques
Then, in the UI, go to the 'Administration' -> 'Technique tree' and move the 'Plugin OpenSCAP policies' technique under the newly added category.
Actions