From 83e56366f3ba9d6ac4acfbaf55430c7a53cf47f6 Mon Sep 17 00:00:00 2001
From: Peter Ondrejka <pondrejk@redhat.com>
Date: Tue, 25 Feb 2025 13:09:17 +0100
Subject: [PATCH] allow applying a scap policy after manual hardening

---
 tests/foreman/longrun/test_oscap.py | 7 ++++++-
 1 file changed, 6 insertions(+), 1 deletion(-)

diff --git a/tests/foreman/longrun/test_oscap.py b/tests/foreman/longrun/test_oscap.py
index b9cf53d2eb..f1d7b1d24e 100644
--- a/tests/foreman/longrun/test_oscap.py
+++ b/tests/foreman/longrun/test_oscap.py
@@ -421,7 +421,7 @@ def test_positive_oscap_remediation(
     assert contenthost.execute("rpm -q aide").status == 0
 
 
-@pytest.mark.rhel_ver_list([7, 8, 9])
+@pytest.mark.rhel_ver_list([7, 8, 9, 10])
 @pytest.mark.tier4
 def test_positive_oscap_run_via_ansible_bz_1814988(
     module_org, default_proxy, lifecycle_env, target_sat, rex_contenthost
@@ -468,6 +468,11 @@ def test_positive_oscap_run_via_ansible_bz_1814988(
         f'/usr/share/xml/scap/ssg/content/ssg-{distro}-ds.xml',
     )
 
+    # disable gpgcheck enabled by the above security policy
+    contenthost.run(
+        "sed -i 's/gpgcheck=1/gpgcheck=0/' /etc/yum.repos.d/foreman_registration1.repo "
+    )
+
     # Apply policy
     job_id = target_sat.cli.Host.ansible_roles_play({'name': contenthost.hostname.lower()})[0].get(
         'id'