Problem:
When running a scan either remotely executed from foreman to host or running on the content host itself, the job ends with error "Report not uploaded from proxy to Foreman server, cause: 422 “Unprocessable Entity”
Expected outcome:
After the scan is run I generate a compliance report .
Foreman and Proxy versions:
Foreman and Proxy plugin versions:
foreman-2.1.3-1
katello-3.16.1
tfm-rubygem-openscap-0.4.9-3.el7.noarch
tfm-rubygem-smart_proxy_openscap-0.7.3-1.fm2_1.el7.noarch
Distribution and version:
CentOS 7
When performing a remote OpenSCAP job from foreman, the job completes successfully. However , the job details inidicate the report was not uploaded. Here are the details:
1:
DEBUG: running: oscap xccdf eval --profile xccdf_org.ssgproject.content_profile_standard --results-arf /tmp/d20201113-28270-ayshac/results.xml /var/lib/openscap/content/3e1654fd14a5352d65294db555710bfda5cad1a942209e2d787ea7940035616e.xml
2:
WARNING: Datastream component 'scap_org.open-scap_cref_security-data-oval-com.redhat.rhsa-RHEL7.xml' points out to the remote 'https://www.redhat.com/security/data/oval/com.redhat.rhsa-RHEL7.xml'. Use '--fetch-remote-resources' option to download it.
3:
WARNING: Skipping 'https://www.redhat.com/security/data/oval/com.redhat.rhsa-RHEL7.xml' file which is referenced from datastream
4:
WARNING: Skipping ./security-data-oval-com.redhat.rhsa-RHEL7.xml file which is referenced from XCCDF content
5:
DEBUG: running: /usr/bin/env bzip2 /tmp/d20201113-28270-ayshac/results.xml
6:
Uploading results to https://katelloserver316.localdomain:9090/compliance/arf/1
7:
Report not uploaded from proxy to Foreman server, cause: 422 "Unprocessable Entity"
8:
Exit status: 0
When i run foreman_scap_client 2 from the host, I get similar output:
foreman_scap_client 2
DEBUG: running: oscap xccdf eval --profile xccdf_org.ssgproject.content_profile_pci-dss --results-arf /tmp/d20201116-28355-yq5ico/results.xml /var/lib/openscap/content/3e1654fd14a5352d65294db555710bfda5cad1a942209e2d787ea7940035616e.xml
WARNING: Datastream component 'scap_org.open-scap_cref_security-data-oval-com.redhat.rhsa-RHEL7.xml' points out to the remote 'https://www.redhat.com/security/data/oval/com.redhat.rhsa-RHEL7.xml'. Use '--fetch-remote-resources' option to download it.
WARNING: Skipping 'https://www.redhat.com/security/data/oval/com.redhat.rhsa-RHEL7.xml' file which is referenced from datastream
WARNING: Skipping ./security-data-oval-com.redhat.rhsa-RHEL7.xml file which is referenced from XCCDF content
DEBUG: running: /usr/bin/env bzip2 /tmp/d20201116-28355-yq5ico/results.xml
Uploading results to https://katelloserver316.localdomain:9090/compliance/arf/2
Report not uploaded from proxy to Foreman server, cause: 422 "Unprocessable Entity"
i reconfigged config.yaml to :fetch_remote_resources: true to get rid of the warnings.
foreman_scp_client 1 from the command line i see a number of rules being evaluated. It ends with :
OpenSCAP Error: Probe with PID=12416 has been killed with signal 9 [sch_pipe.c:178]
Unable to close probe sd [oval_probe_ext.c:424]
Unable to receive a message from probe [oval_probe_ext.c:579]
Invalid oval result type: -1. [oval_resultTest.c:179]
Does anyone have any ideas what might be causing this ?