chef / automate

Chef Automate provides a full suite of enterprise capabilities for maintaining continuous visibility into application, infrastructure, and security automation.
https://automate.chef.io/
Apache License 2.0
224 stars 111 forks

Chef Automate not showing all skipped controls in compliance report tab #4969

Open kalroy opened 3 years ago

kalroy commented 3 years ago

Describe the bug

Chef Automate not showing all skipped controls in compliance report tab

chef/customer-bugs#350 https://github.com/chef/customer-bugs/issues/431

To Reproduce

Steps to reproduce the behavior: On a few random nodes, for profile sec_os_rhel6_cis, control 6.2.10_Ensure_users_dot_files_are_not_group_or_world_writable is showing under critical controls; however, it should be showing under skipped controls. The number of controls is showing correctly; however, this control is wrongly appearing under critical controls. Note: The downloaded report is showing correctly, as expected.

Expected behavior

Control 6.2.10_Ensure_users_dot_files_are_not_group_or_world_writable status should appear correctly.

Screenshots

Versions (please complete the following information):

Additional context

Aha! Link: https://chef.aha.io/epics/SH-E-274

rickmarry commented 2 years ago

Where can I find this profile?

atultherajput commented 2 years ago

Other bugs related to this issue: https://github.com/chef/customer-bugs/issues/665 https://github.com/chef/customer-bugs/issues/428 https://github.com/chef/customer-bugs/issues/388

atultherajput commented 2 years ago

Update: We have found an area where we can reproduce the same issue. Now we are analysing the issue to find the root cause.

vkaushik-chef commented 2 years ago

@kalroy @atultherajput Has this bug been triaged yet? We have multiple customers affected by it, and ANZ bank is one of them, for whom it is becoming critical to have the issue fixed since it has been around for long.

atultherajput commented 2 years ago

@vkaushik-chef We tried reproducing the issue by creating a "custom profile and adding some dependent profiles inside it" (similar to the ANZ bank profile) but we are not able to reproduce the exact problem with that profile. Therefore we have requested ANZ bank to provide their profile. CC: @kalroy

kalroy commented 2 years ago

@vkaushik-chef These issues, although they look similar, are not always the same. These are not obvious bugs but can be because of some corner cases which @atultherajput is trying to work out with ANZ. If we have multiple customers affected, I would request you to redirect us to the customer bugs/intake issues so that we can have conversations with them to understand the scenario. It can also be an issue with the way the customer has created the profile, as in the case of https://github.com/chef/customer-bugs/issues/388

Internal conversation not to be passed on to the customer

vkaushik-chef commented 2 years ago

> @vkaushik-chef We tried reproducing the issue by creating a "custom profile and adding some dependent profiles inside it" (similar to the ANZ bank profile) but we are not able to reproduce the exact problem with that profile. Therefore we have requested ANZ bank to provide their profile. CC: @kalroy

@atultherajput: The custom profile is actually the intellectual property of the ANZ bank and thus they can't share it. If more live sessions are needed, please feel free to do so by engaging with the support team. The customer has informed the same on today's call.