action #137849
open
[security] Migrate FIPS encryption tests to AutoYaST
Added by emiler 9 months ago.
Updated 3 months ago.
Description
We could migrate existing encryption tests to use AutoYaST, which would make the test noticeably faster.
Several modifications had to been made to the AutoYaST xml file, mainly setting correct <append>
values to boot from /dev/vda2
. It now runs on x86_64 and aarch64. I have also added a fips_install_separate_boot_verify
module to the schedule to actually verify FIPS after installation.
I have been trying to get rid of YAML_TEST_DATA
from the old tests, which are used during runtime checks, such as validate_encrypt
, but it would require to "hardcode" some variables. Simply removing the data file would result in a failure during validation tests. I'll do more experimenting.
- Estimated time set to 8.00 h
- Status changed from In Progress to Workable
Not working on this at the moment.
Also available in: Atom
PDF