Error trying to generate openscap report on client host

Support
1

Problem:
When giving the command “puppet agent --test” presents several errors.

Expected outcome:
Complete the command to execute the “/ usr / bin / foreman_scap_client” command and generate the openscape report

Foreman and Proxy versions:
foreman-1.16.0-1.el7.noarch
foreman-proxy-1.16.0-1.el7.noarch

Foreman and Proxy plugin versions:

Other relevant data:

[root@client1 lib]#  puppet agent --test
Info: Retrieving pluginfacts
Info: Retrieving plugin
Error: Could not set 'file' on ensure: incorrect header check
Error: Could not set 'file' on ensure: incorrect header check
Wrapped exception:
incorrect header check
Error: /File[/var/lib/puppet/lib/facter/rh_certificates.rb]/ensure: change from absent to file failed: Could not set 'file' on ensure: incorrect header check
Error: Could not retrieve catalog from remote server: Error 500 on SERVER: {"message":"Server Error: Evaluation Error: Error while evaluating a Resource Statement, Evaluation Error: Unknown function: 'pick'. at /etc/puppetlabs/code/environments/KT_MJ_Library_CV_CENTOS7_2/modules/foreman_scap_client/manifests/params.pp:2:23 on node client1.example.com","issue_kind":"RUNTIME_ERROR","stacktrace":["Warning: The 'stacktrace' property is deprecated and will be removed in a future version of Puppet. For security reasons, stacktraces are not returned with Puppet HTTP Error responses."]}
Warning: Not using cache on failed catalog
Error: Could not retrieve catalog; skipping run
[root@client1 lib]#
2

Hi,

Evaluation Error: Error while evaluating a Resource Statement, Evaluation Error: Unknown function: ‘pick’. at /etc/puppetlabs/code/environments/KT_MJ_Library_CV_CENTOS7_2/modules/foreman_scap_client/manifests/params.pp:2:23

from the error output it looks like Puppet fails to apply foreman_scap_client to your host. Could you check what version of foreman_scap_client you have?

Also, the ‘pick’ comes from stdlib, is it available in your environment?

O.

3

354/5000
I have the following modules installed.

[root@client2 manifests]# puppet module list
/etc/puppetlabs/code/environments/KT_MJ_Library_CV_CENTOS7_2/modules
├── puppetlabs-stdlib (v4.24.0)
└── theforeman-foreman_scap_client (v0.3.18)
/etc/puppetlabs/code/modules (no modules installed)
/opt/puppetlabs/puppet/modules (no modules installed)
[root@client2 manifests]#

I saw that after installing theforeman-foreman_scap_client with the “puppet module install theforeman-foreman_scap_client” command he did not create the “/etc/foreman_scap_client/config.yaml” file.

What is the procedure to do now, since I saw that in the example file there are several parameters to configure.

4

“puppet module install theforeman-foreman_scap_client” is not meant to create the config, it merely gets the module. I have just noticed your prompt: root@client2. I would suggest the following:

  1. Make sure you run the command above on the machine where your puppet master is (by default same as your foreman), not on the client.
  2. Import the puppet module into foreman and assign it to client. Foreman will take care of configuring the parameters for you.
  3. Because you run with katello, make sure your client is subscribed
  4. run ‘puppet agent -t’ on client, it should create the config file
5

Good afternoon

The above error was giving as the puppet was in different version with that of the server.

What happens now is that the host client does not import the openscape module, it communicates with the foreman / puppet server and no matter the modules or openscape configuration.

Can the problem be happening because that host is under an http proxy?

Host client:

puppet agent -t

Info: Using configured environment ‘production’
Info: Retrieving pluginfacts
Info: Retrieving plugin
Info: Loading facts
Info: Caching catalog for client.example.com
Info: Applying configuration version ‘1523648579’
Notice: Applied catalog in 0.06 seconds

6

The output says that puppet was able successfully apply the catalog, so it does not look like http proxy problem to me, but more like some sort of puppet misconfiguration.

I would double-check if your puppet classes are imported to the correct puppet environment and that host has proper environment and classes assigned.