Project Description

SUSE Manager and Uyuni do support OpenSCAP and user can make use of it to keep the compliance status in check. However, when it comes to usability, there are things that could be improved.

Goal for this Hackweek

1. Step

• Remove requirement of clients having SCAP content, but rather all the content will stay at server and will be transferred to client temporary at the time of scan.

2. Step

• Improve the UI to list all the scap content files as select list so user can easily select the content
• Then based on previous step, select the profiles available in selected data stream from the last step

3. Step

• Add the possibility to upload the tailoring file on the server
• Extend the UI in 2.Step to make it possible for the user to select the uploaded tailoring file
• Based on selected tailoring file, select the profile

4. Step

• Adjust the salt states if needed

5. Step

• Parse the results, especially the remediations as bash script
• Apply the remediation using salt right from the scap feature UI

Bonus

• Add taskomatic job to download scap content from SUSE server once per day to make use of '--fetch-remote-resources F

Resources

• https://github.com/uyuni-project/uyuni
• https://documentation.suse.com/suma/4.3/en/suse-manager/administration/openscap.html

Skills

• Java
• React
• TypeScript
• OpenSCAP
• Database