openQA Tests

Overview
Activity
Roadmap
Issues
Gantt
Calendar
Wiki

Custom queries

All open Feature tests
openQA Infrastructure Project
openqa-review - Closed tickets last updated by openqa-review, last 30 days
QA roadmap long-term
QA SLE functional
QA SLE Functional - closed in last 14 days
QA SLE Functional - High, need to be refined
QA SLE Functional - over cycle time median
QA SLE u
QA SLE y
QA tools (tag not necessary in openQA and subprojects)
QA tools tag (tag not necessary in openQA and subprojects; excluding tickets in "Ready" version as they are already on the backlog)
QAC - Backlog
QAM
QE tools team - backlog (ready issues)
QE tools team - backlog (w/o infra)
QE tools team - backlog SLA high
QE tools team - backlog SLA immediate
QE tools team - backlog SLA no immediate/urgent in feedback/blocked
QE tools team - backlog SLA normal
QE tools team - backlog SLA urgent
QE tools team - backlog SLO high
QE tools team - backlog SLO normal
QE tools team - backlog SLO urgent
QE tools team - backlog, high-level view (epics and higher)
QE tools team - backlog, non-reactive work, needs parent
QE tools team - backlog, top-level view (all sagas)
QE tools team - closed within last 14 days
QE tools team - closed within last 60 days
QE tools team - closed yesterday
QE Tools Team - Collaborative Session
QE tools team - due date forecast
QE tools team - exceeding due-date
QE tools team - infrastructure backlog
QE tools team - next - sorted by update time
QE tools team - next issues
QE tools team - non-estimated (unblocked) issues (dev)
QE tools team - non-estimated (unblocked) issues (infra)
QE tools team - ready issues - Workable
QE tools team - ready, not assigned/blocked/low
QE tools team - SLO high forecast
QE tools team - update forecast
QE tools team - updated by priority
QE tools team - what members of the team are working on - Feedback (not-low)
QE Tools Team Backlog By Assignee
SLE15 Migration Open Tickets
SLE15 SP1 Migration Open Tickets
SLE15SP3 Migration open ticket
SLE15SP3 Security open ticket
Tools Team Retrospective
Tools Team Retrospective (not estimated or assigned)

Actions

Copy link

action #137849

open

[security] Migrate FIPS encryption tests to AutoYaST

Added by emiler 9 months ago. Updated 3 months ago.

Status:

Workable

Priority:

Normal

Assignee:

emiler

Category:

Target version:

Start date:

2023-10-13

Due date:

% Done:

Estimated time:

8.00 h

Difficulty:

Tags:

fips

Description

We could migrate existing encryption tests to use AutoYaST, which would make the test noticeably faster.

History
Notes
Property changes

Actions

Copy link

Updated by emiler 9 months ago

I have been experimenting with this and It doesn't pass FIPS integrity test during boot, for example here: https://openqa.suse.de/tests/12464819

At first it seemed like AutoYaST is not able to work with FIPS during installation, but there are other FIPS jobs which works, eg. https://openqa.suse.de/tests/12474399. I'll do further poking.

Work is being tracked at https://github.com/realcharmer/os-autoinst-distri-opensuse/tree/autoyast.

Actions

Copy link

Updated by emiler 9 months ago

Several modifications had to been made to the AutoYaST xml file, mainly setting correct <append> values to boot from /dev/vda2. It now runs on x86_64 and aarch64. I have also added a fips_install_separate_boot_verify module to the schedule to actually verify FIPS after installation.

Actions

Copy link

Updated by emiler 9 months ago

I have been trying to get rid of YAML_TEST_DATA from the old tests, which are used during runtime checks, such as validate_encrypt, but it would require to "hardcode" some variables. Simply removing the data file would result in a failure during validation tests. I'll do more experimenting.

Actions

Copy link