OpenSCAP policy creation + Ansible deployment option

Problem:
Can’t add a new OpenSCAP Policy with Ansible as deployment option

Foreman and Proxy versions:
Foreman 2.1

Foreman and Proxy plugin versions:
Foreman plugin: foreman-tasks, 2.0.1
Foreman plugin: foreman_ansible, 5.1.1
Foreman plugin: foreman_openscap, 3.0.0
Foreman plugin: foreman_remote_execution, 3.3.2
Foreman plugin: katello, 3.16.0.rc4

Distribution and version:
CentOS 7, latest updates

Other relevant data:
I have a Katello/Foreman with a working Ansible + callback stack; now I’m trying to configure OpenSCAP on top of it by following the Foreman :: Plugin Manuals.

So on the client (same host as the foreman server at the time):

  • yum install ansiblerole-foreman_scap_client to install the ansible scripts (the documentation calls for ansible-foreman_scap_client which doesn’t exist anymore)
  • foreman-rake foreman_openscap:bulk_upload:default to create the default SCAP Content in Foreman (works)
  • In Foreman: Configure > Ansible > Roles > Import and select “theforeman.foreman_scap_client” to import the role (works)
  • In Foreman: Configure > Ansible > Variables > Import and select all foreman_scap* variables created by the role (works)

At this point we should be ready to create a new OpenSCAP Compliance Policy in Hosts > Compliance > Policies and select “Ansible” as deployment option. Doing so results in an error:
Unable to save * Failed to save when overriding parameters for ansible, cause: Default value is invalid

After this if I look at the variables, 2 of them were overridden:

The logs show the same:

2020-07-15T15:15:29 [I|app|a0ad13f9] Processing by PoliciesController#create as HTML
2020-07-15T15:15:29 [I|app|a0ad13f9] Parameters: {"utf8"=>"✓", "authenticity_token"=>"F1s6/QYqBl0v29TFeLjMtyd1JjHa8D63+6ho/U0Kfj08c66KSCrC5vSRzPamxX6zAnWERAoh2yqznSZgns01LQ==", "policy"=>{"wizard_initiated"=>"true", "current_step"=>"Policy Attributes", "deploy_by"=>"ansible", "name"=>"", "description"=>"", "scap_content_id"=>"", "tailoring_file_id"=>"", "period"=>"", "weekday"=>"", "day_of_month"=>"", "cron_line"=>"", "location_ids"=>["", "2"], "organization_ids"=>["", "1"], "hostgroup_ids"=>[""]}, "commit"=>"Next"}
2020-07-15T15:15:30 [I|aud|a0ad13f9] AnsibleVariable (42) update event on override false, true
2020-07-15T15:15:30 [I|aud|a0ad13f9] AnsibleVariable (42) update event on hidden_value true, false
2020-07-15T15:15:30 [I|aud|a0ad13f9] AnsibleVariable (42) update event on default_value , <%= @host.policies_enc %>
2020-07-15T15:15:30 [I|aud|a0ad13f9] AnsibleVariable (40) update event on override false, true
2020-07-15T15:15:30 [I|aud|a0ad13f9] AnsibleVariable (40) update event on hidden_value true, false
2020-07-15T15:15:30 [E|app|a0ad13f9] Failed to save: Failed to save when overriding parameters for ansible, cause: Default value is invalid
2020-07-15T15:15:30 [I|app|a0ad13f9] Rendering /opt/theforeman/tfm/root/usr/share/gems/gems/foreman_openscap-3.0.0/app/views/policies/new.html.erb within layouts/application
2020-07-15T15:15:30 [I|app|a0ad13f9] Rendered /opt/theforeman/tfm/root/usr/share/gems/gems/foreman_openscap-3.0.0/app/views/policies/steps/_deployment_options_form.html.erb (Duration: 6.0ms | Allocations: 8079)
2020-07-15T15:15:30 [I|app|a0ad13f9] Rendered /opt/theforeman/tfm/root/usr/share/gems/gems/foreman_openscap-3.0.0/app/views/policies/steps/_policy_attributes_form.html.erb (Duration: 4.4ms | Allocations: 7093)
2020-07-15T15:15:32 [I|app|a0ad13f9] Rendered /opt/theforeman/tfm/root/usr/share/gems/gems/foreman_openscap-3.0.0/app/views/policies/steps/_scap_content_form.html.erb (Duration: 2079.0ms | Allocations: 9520)
2020-07-15T15:15:32 [I|app|a0ad13f9] Rendered /opt/theforeman/tfm/root/usr/share/gems/gems/foreman_openscap-3.0.0/app/views/policies/steps/_schedule_form.html.erb (Duration: 18.5ms | Allocations: 9326)
2020-07-15T15:15:32 [I|app|a0ad13f9] Rendered /opt/theforeman/tfm/root/usr/share/gems/gems/foreman_openscap-3.0.0/app/views/policies/steps/_locations_form.html.erb (Duration: 19.9ms | Allocations: 8347)
2020-07-15T15:15:32 [I|app|a0ad13f9] Rendered /opt/theforeman/tfm/root/usr/share/gems/gems/foreman_openscap-3.0.0/app/views/policies/steps/_organizations_form.html.erb (Duration: 18.5ms | Allocations: 8336)
2020-07-15T15:15:32 [I|app|a0ad13f9] Rendered /opt/theforeman/tfm/root/usr/share/gems/gems/foreman_openscap-3.0.0/app/views/policies/steps/_hostgroups_form.html.erb (Duration: 19.7ms | Allocations: 8307)
2020-07-15T15:15:32 [I|app|a0ad13f9] Rendered /opt/theforeman/tfm/root/usr/share/gems/gems/foreman_openscap-3.0.0/app/views/policies/steps/_step_form.html.erb (Duration: 2173.2ms | Allocations: 66420)
2020-07-15T15:15:32 [I|app|a0ad13f9] Rendered /opt/theforeman/tfm/root/usr/share/gems/gems/foreman_openscap-3.0.0/app/views/policies/new.html.erb within layouts/application (Duration: 2177.8ms | Allocations: 72624)
2020-07-15T15:15:32 [I|app|a0ad13f9] Rendered layouts/_application_content.html.erb (Duration: 7.7ms | Allocations: 6561)
2020-07-15T15:15:32 [I|app|a0ad13f9] Rendering layouts/base.html.erb
2020-07-15T15:15:32 [I|app|a0ad13f9] Rendered layouts/base.html.erb (Duration: 59.5ms | Allocations: 26808)

The packages were installed with

foreman-installer --scenario katello --foreman-initial-organization "XXX" --foreman-initial-location "XXX" --enable-foreman-plugin-remote-execution --enable-foreman-proxy-plugin-remote-execution-ssh --enable-foreman-plugin-openscap --enable-foreman-proxy-plugin-openscap --enable-foreman-plugin-ansible --enable-foreman-proxy-plugin-ansible

Any clue on what’s going wrong? Do I need to manually set some variables?
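The audit lines in the log above share one request ID with the error, so they can be correlated to narrow down which variable to inspect. The following is an added example, not part of the original post or of Foreman's code: the function names are hypothetical, the sample is a shortened excerpt of the lines quoted above, and the "override enabled but no default_value update" rule is a heuristic assumption.

```python
import re
from collections import defaultdict

# Constructed sample: shortened excerpt in the format of the log lines quoted in the post.
SAMPLE_LOG = """\
2020-07-15T15:15:29 [I|app|a0ad13f9] Processing by PoliciesController#create as HTML
2020-07-15T15:15:30 [I|aud|a0ad13f9] AnsibleVariable (42) update event on override false, true
2020-07-15T15:15:30 [I|aud|a0ad13f9] AnsibleVariable (42) update event on hidden_value true, false
2020-07-15T15:15:30 [I|aud|a0ad13f9] AnsibleVariable (42) update event on default_value , <%= @host.policies_enc %>
2020-07-15T15:15:30 [I|aud|a0ad13f9] AnsibleVariable (40) update event on override false, true
2020-07-15T15:15:30 [I|aud|a0ad13f9] AnsibleVariable (40) update event on hidden_value true, false
2020-07-15T15:15:30 [E|app|a0ad13f9] Failed to save: Failed to save when overriding parameters for ansible, cause: Default value is invalid
"""

# timestamp [level|logger|request-id] message
LINE = re.compile(r"^(\S+) \[(\w)\|(\w+)\|(\w+)\] (.*)$")
# Model (id) update event on field old, new
AUDIT = re.compile(r"^(\w+) \((\d+)\) update event on (\w+) (.*?), (.*)$")

def audit_trail(log_text):
    """Group audit events by request ID and collect errors logged in the same request."""
    requests = defaultdict(lambda: {"changes": defaultdict(dict), "errors": []})
    for raw in log_text.splitlines():
        m = LINE.match(raw)
        if not m:
            continue
        _ts, level, logger, req_id, msg = m.groups()
        if logger == "aud":
            a = AUDIT.match(msg)
            if a:
                model, obj_id, field, old, new = a.groups()
                requests[req_id]["changes"][(model, int(obj_id))][field] = (old, new)
        elif level == "E":
            requests[req_id]["errors"].append(msg)
    return requests

def missing_default(log_text):
    """Heuristic: objects set to override=true with no default_value update in a failed request."""
    hits = []
    for req_id, data in audit_trail(log_text).items():
        if not data["errors"]:
            continue
        for (model, obj_id), fields in data["changes"].items():
            if fields.get("override") == ("false", "true") and "default_value" not in fields:
                hits.append((req_id, model, obj_id))
    return hits
```

On the excerpt, `missing_default(SAMPLE_LOG)` points at AnsibleVariable 40, whose ID can then be looked up under Configure > Ansible > Variables.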

Setting variables manually should not be needed; however, the latest version of the ansible role did not make it into the repos yet.

To work around this, go to the details of the foreman_scap_client_port ansible variable:

  • check override
  • change parameter type from string to integer
  • set default value to any random integer value
  • save

This will allow you to create a policy without triggering the validation error.


Fantastic, thanks for the tip!