foreman_openscap 4.1.0 → 4.3.0

data/app/views/api/v2/compliance/oval_contents/show.json.rabl

@@ -0,0 +1,3 @@
+object @oval_content
+
+extends "api/v2/compliance/oval_contents/base"

data/app/views/api/v2/compliance/oval_contents/sync.json.rabl

@@ -0,0 +1,3 @@
+collection @oval_contents
+
+extends "api/v2/compliance/oval_contents/sync_result"

data/app/views/api/v2/compliance/oval_contents/sync_result.json.rabl

@@ -0,0 +1,11 @@
+object @oval_content
+
+attributes :id, :name
+
+node(:errors) do |content|
+  content.errors.to_hash
+end
+
+node(:full_messages) do |content|
+  content.errors.full_messages
+end

data/app/views/api/v2/compliance/oval_contents/update.json.rabl

@@ -0,0 +1,3 @@
+object @oval_content
+
+extends "api/v2/compliance/oval_contents/base"

data/app/views/api/v2/compliance/oval_policies/create.json.rabl

@@ -0,0 +1,3 @@
+object @oval_policy
+
+extends "api/v2/compliance/oval_policies/main"

data/app/views/api/v2/compliance/oval_policies/index.json.rabl

@@ -0,0 +1,3 @@
+collection @oval_policies
+
+extends "api/v2/compliance/oval_policies/main"

data/app/views/api/v2/compliance/oval_policies/main.json.rabl

@@ -0,0 +1,15 @@
+object @oval_policy
+
+extends "api/v2/compliance/common/org"
+extends "api/v2/compliance/common/loc"
+extends "api/v2/compliance/policies_common/attrs"
+
+attributes :created_at, :updated_at, :oval_content_id
+
+child :hosts => :hosts do |host|
+  attributes :id, :name
+end
+
+child :hostgroups => :hostgroups do |hg|
+  attributes :id, :name
+end

data/app/views/api/v2/compliance/oval_policies/show.json.rabl

@@ -0,0 +1,3 @@
+object @oval_policy
+
+extends "api/v2/compliance/oval_policies/main"

data/app/views/api/v2/compliance/policies/base.json.rabl

@@ -2,6 +2,6 @@ object @policy
 
 extends "api/v2/compliance/common/org"
 extends "api/v2/compliance/common/loc"
+extends "api/v2/compliance/policies_common/attrs"
 
-attributes :id, :name, :period, :weekday, :description, :scap_content_id, :scap_content_profile_id, :day_of_month, :cron_line,
-           :tailoring_file_id, :tailoring_file_profile_id, :deploy_by
+attributes :scap_content_id, :scap_content_profile_id, :tailoring_file_id, :tailoring_file_profile_id, :deploy_by

data/app/views/api/v2/compliance/policies_common/_attrs.json.rabl

@@ -0,0 +1,2 @@
+attributes :id, :name, :period, :weekday, :description, :day_of_month, :cron_line
+           

data/app/views/arf_reports/_output.html.erb

@@ -1,3 +1,11 @@
+<% content_for(:javascripts) do %>
+  <%= webpacked_plugins_js_for :foreman_openscap %>
+<% end %>
+<% content_for(:stylesheets) do %>
+  <%= webpacked_plugins_css_for :foreman_openscap %>
+<% end %>
+
+
 <table id='report_log' class="<%= table_css_classes %>">
   <thead>
     <tr>
@@ -16,7 +24,7 @@
           <%= render :partial => 'detailed_message', :locals => { :message => log.message } %>
         </td>
         <td><%= log.source %></td>
-        <td><span <%= severity_tag log.message.severity %>><%= h log.message.severity %></span></td>
+        <td><%= react_component 'RuleSeverity', { :severity => log.message.severity.downcase } %></td>
         <td><%= host_search_by_rule_result_buttons(log.source) %></td>
       </tr>
     <% end %>

data/app/views/arf_reports/show.html.erb

@@ -2,7 +2,7 @@
 <% javascript 'foreman_openscap/reports' %>
 <% stylesheet 'foreman_openscap/reports' %>
 
-<% title "#{@arf_report.host}" %>
+<% title @arf_report.host.to_s %>
 <%= arf_report_breadcrumbs %>
 
 <p class='ra'><%= reported_info @arf_report %></p>

data/app/views/arf_reports/show_html.html.erb

@@ -1,5 +1,6 @@
 <%= javascript 'foreman_openscap/load_report'%>
 
+<% title @arf_report.host.to_s %>
 <%= arf_report_breadcrumbs %>
 
 <div class="row">

data/app/views/compliance_hosts/show.html.erb

@@ -3,14 +3,7 @@
 
 <%= breadcrumbs(:resource_url => api_hosts_path,
                 :resource_filter => "is_compliance_host = true",
-                :name_field => 'name',
-                :switchable => true,
-                :items => [
-                  { :caption => _('Compliance Hosts'),
-                    :url => url_for(hosts_path(:search => "is_compliance_host = true")) },
-                  { :caption => ((N_("%s compliance reports by policy") % @host.to_label)),
-                    :url => (host_path(@host) if authorized_for(hash_for_host_path(@host))) }
-                ])
+                :name_field => 'name')
 %>
 <% title n_("%s compliance report by policy", "%s compliance reports by policy" , @host.combined_policies.length) % @host.to_label %>
 <% @host.combined_policies.each do |policy| %>

data/app/views/job_templates/run_oval_scans.erb

@@ -0,0 +1,24 @@
+<%#
+name: Run OVAL scans
+job_category: OpenSCAP
+description_format: Run scan for specified OVAL Policies
+feature: foreman_openscap_run_oval_scans
+provider_type: SSH
+snippet: false
+provider_type: SSH
+kind: job_template
+template_inputs:
+- name: oval_policies
+  description: Comma separated OVAL Policy Ids to run
+  input_type: user
+  advanced: true
+-%>
+<% unless input('oval_policies').blank? -%>
+  <% input('oval_policies').split(',').map do |id| -%>
+    /usr/bin/foreman_scap_client oval <%= id %>
+  <% end -%>
+<% else -%>
+  <% @host.oval_policies_enc_raw.map do |policy| -%>
+    /usr/bin/foreman_scap_client oval <%= policy['id'] %>
+  <% end -%>
+<% end -%>

data/app/views/policies/edit.html.erb

@@ -1,4 +1,5 @@
-<% title _("Edit Compliance Policy") %>
-<%= policy_breadcrumbs %>
+<% title _("Edit %s") % @policy.name %>
+<%= breadcrumbs(:resource_url => api_compliance_policies_path,
+                :name_field => 'name') %>
 
 <%= render :partial => "form" %>

data/app/views/policies/show.html.erb

@@ -1,4 +1,6 @@
-<%= policy_breadcrumbs %>
+<% title _("Details for Compliance Policy %s") % @policy.name %>
+<%= breadcrumbs(:resource_url => api_compliance_policies_path,
+                  :name_field => 'name') %>
 
 <div class="row">
   <iframe style="min-height: 800px" height="100%" width="100%" frameborder="0" src="<%= parse_policy_path(@policy) %>"></iframe>

data/app/views/policies/steps/_deployment_options_form.html.erb

@@ -3,8 +3,8 @@
 
   <div class="alert alert-info" id="scap-deployment-options-info-banner">
     <span class="pficon pficon-info"></span>
-    <strong>There are significant differences in deployment options.</strong>
-    Please make sure you understand them by reading our <%= scap_doc_link('#2.3Policydeploymentoptions') %>.
+    <strong><%= _('There are significant differences in deployment options.') %></strong>
+    <%= _('Please make sure you understand them by reading our') %> <%=scap_doc_link('#2.3Policydeploymentoptions') %>.
   </div>
 
   <%= deploy_by_radios f, @policy %>

data/app/views/scap_contents/edit.html.erb

@@ -1,15 +1,5 @@
-<% title _("Edit SCAP Content") %>
+<% title _("Edit %s") % @scap_content.title %>
 <%= breadcrumbs(:resource_url => api_compliance_scap_contents_path,
-                :name_field => 'title',
-                :items => [
-                  { :caption => _('Scap Contents'),
-                    :url => url_for(scap_contents_path)
-                  },
-                  { :caption => @scap_content.title,
-                    :url => (edit_scap_content_path(@scap_content) if authorized_for(hash_for_edit_scap_content_path(@scap_content)))
-                  }
-                ]
-              ) if @scap_content %>
-
+                :name_field => 'title') %>
 
 <%= render :partial => 'form' %>

data/app/views/tailoring_files/edit.html.erb

@@ -1,13 +1,5 @@
-<% title _("Edit Tailoring File") %>
+<% title _("Edit %s") % @tailoring_file.name %>
 <%= breadcrumbs(:resource_url => api_compliance_tailoring_files_path,
-                :items => [
-                  { :caption => _('Tailoring Files'),
-                    :url => url_for(tailoring_files_path)
-                  },
-                  { :caption => @tailoring_file.name,
-                    :url => (edit_tailoring_file_path(@tailoring_file) if authorized_for(hash_for_edit_tailoring_file_path(@tailoring_file)))
-                  }
-                ]
-              ) if @tailoring_file %>
+                :name_field => 'name') %>
 
 <%= render :partial => 'form' %>

data/config/initializers/inflections.rb

@@ -0,0 +1,12 @@
+# Be sure to restart your server when you modify this file.
+
+# Add new inflection rules using the following format
+# (all these examples are active by default):
+ActiveSupport::Inflector.inflections do |inflect|
+  #   inflect.plural /^(ox)$/i, '\1en'
+  #   inflect.singular /^(ox)en/i, '\1'
+  #   inflect.irregular 'person', 'people'
+  #   inflect.uncountable %w(fish sheep)
+
+  inflect.singular 'cves', 'cve'
+end

data/config/routes.rb

@@ -1,4 +1,7 @@
 Rails.application.routes.draw do
+  match '/experimental/compliance' => 'react#index', :via => [:get]
+  match '/experimental/compliance/*page' => 'react#index', :via => [:get]
+
   scope '/compliance' do
     resources :arf_reports, :only => %i[index show destroy] do
       member do
@@ -87,8 +90,24 @@ Rails.application.routes.draw do
             get 'download_html'
           end
         end
+
         post 'arf_reports/:cname/:policy_id/:date', \
              :constraints => { :cname => /[^\/]+/ }, :to => 'arf_reports#create'
+
+        resources :oval_contents, :except => %i[new edit] do
+          collection do
+            post 'sync'
+          end
+        end
+
+        resources :oval_policies, :except => %i[new edit] do
+          member do
+            post 'assign_hostgroups'
+            post 'assign_hosts'
+            get 'oval_content'
+          end
+        end
+        post 'oval_reports/:cname/:oval_policy_id/:date', :constraints => { :cname => /[^\/]+/ }, :to => 'oval_reports#create'
       end
     end
   end

data/db/migrate/20201019074925_create_oval_policy.rb

@@ -0,0 +1,13 @@
+class CreateOvalPolicy < ActiveRecord::Migration[6.0]
+  def change
+    create_table :foreman_openscap_oval_policies do |t|
+      t.string :name, unique: true
+      t.string :description
+      t.string :period
+      t.string :weekday
+      t.integer :day_of_month
+      t.string :cron_line
+      t.timestamps
+    end
+  end
+end

data/db/migrate/20201020113801_create_oval_facet.rb

@@ -0,0 +1,14 @@
+class CreateOvalFacet < ActiveRecord::Migration[6.0]
+  def change
+    create_table :foreman_openscap_oval_facets do |t|
+      t.references 'host', :null => false
+    end
+
+    add_index :foreman_openscap_oval_facets, [:host_id], :unique => true, :name => :foreman_openscap_oval_facets_host_id
+
+    create_table :foreman_openscap_oval_facet_oval_policies do |t|
+      t.references 'oval_policy', :null => false, :index => { :name => 'index_oval_facet_oval_policies_on_oval_policy_id'}
+      t.references 'oval_facet', :null => false, :index => { :name => 'index_oval_facet_oval_policies_on_oval_facet_id'}
+    end
+  end
+end

data/db/migrate/20201021084109_create_hostgroup_oval_facet.rb

@@ -0,0 +1,14 @@
+class CreateHostgroupOvalFacet < ActiveRecord::Migration[6.0]
+  def change
+    create_table :foreman_openscap_hostgroup_oval_facets do |t|
+      t.references 'hostgroup', :null => false
+    end
+
+    add_index :foreman_openscap_hostgroup_oval_facets, [:hostgroup_id], :unique => true, :name => :foreman_openscap_hostgroup_oval_facets_hostgroup_id
+
+    create_table :foreman_openscap_hostgroup_oval_facet_oval_policies do |t|
+      t.references 'oval_policy', :null => false, :index => { :name => 'index_hg_oval_facet_oval_policies_on_oval_policy_id'}
+      t.references 'oval_facet', :null => false, :index => { :name => 'index_hg_oval_facet_oval_policies_on_hg_oval_facet_id'}
+    end
+  end
+end

data/db/migrate/20201106080924_create_oval_content.rb

@@ -0,0 +1,12 @@
+class CreateOvalContent < ActiveRecord::Migration[6.0]
+  def change
+    create_table :foreman_openscap_oval_contents do |t|
+      t.string :name, null: false
+      t.string :digest
+      t.string :original_filename
+      t.binary :scap_file
+    end
+
+    add_index :foreman_openscap_oval_contents, :name, :unique => true
+  end
+end

data/db/migrate/20201116110256_add_oval_content_to_oval_policy.rb

@@ -0,0 +1,5 @@
+class AddOvalContentToOvalPolicy < ActiveRecord::Migration[6.0]
+  def change
+    add_column :foreman_openscap_oval_policies, :oval_content_id, :integer, :references => :oval_content
+  end
+end

data/db/migrate/20201120080329_create_cves.rb

@@ -0,0 +1,13 @@
+class CreateCves < ActiveRecord::Migration[6.0]
+  def change
+    create_table :foreman_openscap_cves do |t|
+      t.string :ref_id, :null => false, :unique => true
+      t.string :ref_url, :null => false, :unique => true
+    end
+
+    create_table :foreman_openscap_host_cves do |t|
+      t.references :host, :null => false
+      t.references :cve, :null => false
+    end
+  end
+end

data/db/migrate/20201202110213_update_puppet_port_param_type.rb

@@ -0,0 +1,24 @@
+class UpdatePuppetPortParamType < ActiveRecord::Migration[6.0]
+  def up
+    update_port_type :to_i
+  end
+
+  def down
+    update_port_type :to_s
+  end
+
+  private
+
+  def update_port_type(method)
+    puppet_class = Puppetclass.find_by :name => 'foreman_scap_client'
+    return unless puppet_class
+    port_key = puppet_class.class_params.find_by :key => 'port'
+    return unless port_key
+
+    if method == :to_i
+      port_key.update_columns(:key_type => "integer", :default_value => port_key.default_value.to_i)
+    else
+      port_key.update_columns(:key_type => "string", :default_value => port_key.default_value.to_s)
+    end
+  end
+end

data/db/migrate/20201217130800_add_has_errata_to_cve.rb

@@ -0,0 +1,8 @@
+class AddHasErrataToCve < ActiveRecord::Migration[6.0]
+  def change
+    add_column :foreman_openscap_cves, :has_errata, :boolean
+    add_column :foreman_openscap_cves, :definition_id, :string, :null => false
+    change_column :foreman_openscap_cves, :ref_id, :string, :null => false
+    change_column :foreman_openscap_cves, :ref_url, :string, :null => false
+  end
+end

data/db/migrate/20201217161511_add_url_to_oval_content.rb

@@ -0,0 +1,5 @@
+class AddUrlToOvalContent < ActiveRecord::Migration[6.0]
+  def change
+    add_column :foreman_openscap_oval_contents, :url, :string
+  end
+end

data/db/migrate/20210409095625_add_oval_policy_reference_to_cve.rb

@@ -0,0 +1,7 @@
+class AddOvalPolicyReferenceToCve < ActiveRecord::Migration[6.0]
+  def change
+    add_column :foreman_openscap_host_cves, :oval_policy_id, :integer, :references => :oval_policy
+
+    add_index :foreman_openscap_host_cves, [:host_id, :oval_policy_id, :cve_id], :unique => true, :name => :index_oval_policy_host_cve_id_on_host_cve
+  end
+end

data/db/seeds.d/75-job_templates.rb

@@ -11,8 +11,9 @@ if ForemanOpenscap.with_remote_execution?
         else
           template = JobTemplate.import!(File.read(template), :default => true, :lock => true, :update => sync)
         end
-        template.organizations = organizations if SETTINGS[:organizations_enabled] && template.present?
-        template.locations = locations if SETTINGS[:locations_enabled] && template.present?
+        next unless template.present?
+        template.organizations = organizations
+        template.locations = locations
       end
     end
   end

data/lib/foreman_openscap/bulk_upload.rb

@@ -49,8 +49,8 @@ module ForemanOpenscap
         next if scap_content.persisted?
         scap_content.scap_file = file
         scap_content.original_filename = filename
-        scap_content.location_ids = Location.all.map(&:id)
-        scap_content.organization_ids = Organization.all.map(&:id)
+        scap_content.location_ids = Location.all.pluck(:id)
+        scap_content.organization_ids = Organization.all.pluck(:id)
 
         if scap_content.save
           @result.results.push(scap_content)

data/lib/foreman_openscap/engine.rb

@@ -9,6 +9,7 @@ module ForemanOpenscap
     config.autoload_paths += Dir["#{config.root}/app/helpers/concerns"]
     config.autoload_paths += Dir["#{config.root}/app/models/concerns"]
     config.autoload_paths += Dir["#{config.root}/app/models"]
+    config.autoload_paths += Dir["#{config.root}/app/graphql"]
     config.autoload_paths += Dir["#{config.root}/app/lib"]
     config.autoload_paths += Dir["#{config.root}/app/services"]
     config.autoload_paths += Dir["#{config.root}/lib"]
@@ -41,8 +42,8 @@ module ForemanOpenscap
       Apipie.configuration.checksum_path += ['/compliance/']
     end
 
-    initializer 'foreman_openscap.filter_report_body' do |app|
-      app.config.filter_parameters << :logs if app.config.filter_parameters
+    initializer 'foreman_openscap.filter_large_params' do |app|
+      app.config.filter_parameters += %i[logs scap_file oval_results] if app.config.filter_parameters
     end
 
     initializer 'foreman_openscap.register_plugin', :before => :finisher_hook do |app|
@@ -52,6 +53,7 @@ module ForemanOpenscap
         apipie_documented_controllers ["#{ForemanOpenscap::Engine.root}/app/controllers/api/v2/compliance/*.rb"]
 
         register_custom_status ForemanOpenscap::ComplianceStatus
+        register_custom_status ForemanOpenscap::OvalStatus
 
         # Add permissions
         security_block :foreman_openscap do
@@ -120,6 +122,24 @@ module ForemanOpenscap
                      :resource_type => 'ForemanOpenscap::TailoringFile'
           permission :view_openscap_proxies, { :openscap_proxies => [:openscap_spool] },
                      :resource_type => 'SmartProxy'
+          permission :view_oval_contents, { 'api/v2/compliance/oval_contents' => %i[index show] },
+                     :resource_type => 'ForemanOpenscap::OvalContent'
+          permission :edit_oval_contents, { 'api/v2/compliance/oval_contents' => %i[update sync] },
+                     :resource_type => 'ForemanOpenscap::OvalContent'
+          permission :create_oval_contents, { 'api/v2/compliance/oval_contents' => %i[create] },
+                     :resource_type => 'ForemanOpenscap::OvalContent'
+          permission :destroy_oval_contents, { 'api/v2/compliance/oval_contents' => %i[destroy] },
+                     :resource_type => 'ForemanOpenscap::OvalContent'
+          permission :view_oval_policies, { 'api/v2/compliance/oval_policies' => %i[index show oval_content] },
+                     :resource_type => 'ForemanOpenscap::OvalPolicy'
+          permission :edit_oval_policies, { 'api/v2/compliance/oval_policies' => %i[update assign_hosts assign_hostgroups] },
+                     :resource_type => 'ForemanOpenscap::OvalPolicy'
+          permission :create_oval_policies, { 'api/v2/compliance/oval_policies' => %i[create] },
+                     :resource_type => 'ForemanOpenscap::OvalPolicy'
+          permission :destroy_oval_policies, { 'api/v2/compliance/oval_policies' => %i[destroy] },
+                     :resource_type => 'ForemanOpenscap::OvalPolicy'
+          permission :create_oval_policies, { 'api/v2/compliance/oval_reports' => %i[create] },
+                     :resource_type => 'ForemanOpenscap::Cve'
         end
 
         role "Compliance viewer", %i[view_arf_reports view_policies view_scap_contents view_tailoring_files view_openscap_proxies],
@@ -148,7 +168,15 @@ module ForemanOpenscap
         menu :top_menu, :compliance_files, :caption => N_('Tailoring Files'),
                                            :url_hash => { :controller => :tailoring_files, :action => :index },
                                            :parent => :hosts_menu
+        menu :labs_menu, :oval_contents, :caption => N_('OVAL Contents'),
+                                         :url_hash => { :controller => 'react', :action => 'index' },
+                                         :url => '/experimental/compliance/oval_contents',
+                                         :parent => :lab_features_menu
 
+        menu :labs_menu, :oval_policies, :caption => N_('OVAL Policies'),
+                                         :url_hash => { :controller => 'react', :action => 'index' },
+                                         :url => '/experimental/compliance/oval_policies',
+                                         :parent => :lab_features_menu
         # add dashboard widget
         widget 'compliance_host_reports_widget',
                :name => N_('Latest Compliance Reports'), :sizex => 6, :sizey => 1
@@ -169,7 +197,7 @@ module ForemanOpenscap
 
         proxy_description = N_('OpenSCAP Proxy to use for fetching SCAP content and uploading ARF reports. Leave blank and override appropriate parameters when using proxy load balancer.')
 
-        smart_proxy_for Hostgroup, :openscap_proxy,
+        smart_proxy_for ::Hostgroup, :openscap_proxy,
                         :feature => 'Openscap',
                         :label => N_('OpenSCAP Proxy'),
                         :description => proxy_description,
@@ -180,19 +208,6 @@ module ForemanOpenscap
                         :description => proxy_description,
                         :api_description => N_('ID of OpenSCAP Proxy')
 
-        if ForemanOpenscap.with_remote_execution?
-          options = {
-            :description => N_("Run OpenSCAP scan"),
-            :provided_inputs => "policies"
-          }
-
-          if Gem::Version.new(ForemanRemoteExecution::VERSION) >= Gem::Version.new('1.2.3')
-            options[:host_action_button] = true
-          end
-
-          RemoteExecutionFeature.register(:foreman_openscap_run_scans, N_("Run OpenSCAP scan"), options)
-        end
-
         add_controller_action_scope('Api::V2::HostsController', :index) do |base_scope|
           base_scope.preload(:policies)
         end
@@ -201,6 +216,30 @@ module ForemanOpenscap
           base_scope.preload(:policies)
         end
 
+        register_global_js_file 'global'
+
+        register_graphql_query_field :oval_contents, '::Types::OvalContent', :collection_field
+        register_graphql_query_field :oval_policies, '::Types::OvalPolicy', :collection_field
+        register_graphql_query_field :oval_policy, '::Types::OvalPolicy', :record_field
+        register_graphql_query_field :cves, '::Types::Cve', :collection_field
+
+        # move to core
+        extend_graphql_type type: ::Types::Hostgroup do
+          field :descendants, Types::Hostgroup.connection_type, null: true, resolve: (proc do |object|
+            RecordLoader.for(model_class).load_many(object.descendant_ids)
+          end)
+        end
+
+        register_facet ForemanOpenscap::Host::OvalFacet, :oval_facet do
+          configure_host do
+            extend_model ForemanOpenscap::OvalFacetHostExtensions
+          end
+
+          configure_hostgroup(ForemanOpenscap::Hostgroup::OvalFacet) do
+            extend_model ForemanOpenscap::OvalFacetHostgroupExtensions
+          end
+        end
+
         describe_host do
           multiple_actions_provider :compliance_host_multiple_actions
           overview_buttons_provider :compliance_host_overview_button
@@ -217,13 +256,13 @@ module ForemanOpenscap
     # Include concerns in this config.to_prepare block
     config.to_prepare do
       ::Api::V2::HostsController.send(:include, ForemanOpenscap::Api::V2::HostsControllerExtensions)
-      Host::Managed.send(:include, ForemanOpenscap::OpenscapProxyExtensions)
-      Host::Managed.send(:include, ForemanOpenscap::OpenscapProxyCoreExtensions)
-      Host::Managed.send(:prepend, ForemanOpenscap::HostExtensions)
+      ::Host::Managed.send(:include, ForemanOpenscap::OpenscapProxyExtensions)
+      ::Host::Managed.send(:include, ForemanOpenscap::OpenscapProxyCoreExtensions)
+      ::Host::Managed.send(:prepend, ForemanOpenscap::HostExtensions)
       HostsHelper.send(:prepend, ForemanOpenscap::HostsHelperExtensions)
-      Hostgroup.send(:include, ForemanOpenscap::OpenscapProxyExtensions)
-      Hostgroup.send(:include, ForemanOpenscap::OpenscapProxyCoreExtensions)
-      Hostgroup.send(:include, ForemanOpenscap::HostgroupExtensions)
+      ::Hostgroup.send(:include, ForemanOpenscap::OpenscapProxyExtensions)
+      ::Hostgroup.send(:include, ForemanOpenscap::OpenscapProxyCoreExtensions)
+      ::Hostgroup.send(:include, ForemanOpenscap::HostgroupExtensions)
       SmartProxy.send(:include, ForemanOpenscap::SmartProxyExtensions)
       HostsController.send(:prepend, ForemanOpenscap::HostsControllerExtensions)
       HostsController.send(:include, ForemanOpenscap::HostsAndHostgroupsControllerExtensions)
@@ -231,6 +270,25 @@ module ForemanOpenscap
       Log.send(:include, ForemanOpenscap::LogExtensions)
       BookmarkControllerValidator.send(:prepend, ForemanOpenscap::BookmarkControllerValidatorExtensions)
       ProxyStatus.status_registry.add(ProxyStatus::OpenscapSpool)
+
+      if ForemanOpenscap.with_remote_execution?
+        options = {
+          :description => N_("Run OpenSCAP scan"),
+          :provided_inputs => "policies"
+        }
+
+        oval_options = {
+          :description => N_("Run OVAL scan")
+        }
+
+        if Gem::Version.new(ForemanRemoteExecution::VERSION) >= Gem::Version.new('1.2.3')
+          options[:host_action_button] = true
+          oval_options[:host_action_button] = Setting[:lab_features]
+        end
+
+        RemoteExecutionFeature.register(:foreman_openscap_run_scans, N_("Run OpenSCAP scan"), options)
+        RemoteExecutionFeature.register(:foreman_openscap_run_oval_scans, N_("Run OVAL scan"), oval_options)
+      end
     end
 
     rake_tasks do