Project

General

Profile

Actions

action #34108

closed

[sle][functional][y] Network Installations - remote installation over https with self-signed certificate

Added by okurz about 6 years ago. Updated over 5 years ago.

Status:
Resolved
Priority:
High
Assignee:
Category:
New test
Target version:
SUSE QA - Milestone 19
Start date:
2016-11-30
Due date:
2018-09-11
% Done:

0%

Estimated time:
13.00 h
Difficulty:

Description

Acceptance criteria

  • AC1: At least one scenario for each relevant SLE+openSUSE product conducting an installation using a https-repo with self-signed certificate

Suggestions

  • https://openqa.suse.de has a SUSE-valid, self-signed certificate so maybe it is simply possible to use https in the MIRROR_HTTP variable however currently in lib/bootloader_setup.pm we do not type the https protocol nor does there seem to be a bootloader menu option for HTTPS explicitly
  • Find out (documentation, IRC, bug) how one can use https … if at all
  • Adapt test to explicitly use https as remote repo

Related issues 1 (0 open1 closed)

Copied from openQA Tests - action #15148: [sle][functional][y] Network Installations - HTTPSResolvedokurz2016-11-302018-09-11

Actions
Actions #1

Updated by okurz about 6 years ago

  • Copied from action #15148: [sle][functional][y] Network Installations - HTTPS added
Actions #2

Updated by okurz almost 6 years ago

  • Target version changed from Milestone 18 to Milestone 18
Actions #3

Updated by okurz over 5 years ago

  • Description updated (diff)
  • Due date set to 2018-08-28
  • Assignee set to okurz
openqa_clone_job_osd --skip-chained-deps 1853834 TEST=gnome_https MIRROR_HTTP=https://openqa.suse.de/assets/repo/SLE-12-SP4-Server-DVD-x86_64-Build0292-Media1 _GROUP="Test Development: SLE 12 SP4"

-> Created job #1857779: sle-12-SP4-Server-MINI-ISO-x86_64-Build0292-gnome_http@64bit -> https://openqa.suse.de/t1857779

Actions #4

Updated by okurz over 5 years ago

  • Description updated (diff)
  • Status changed from In Progress to Workable
  • Assignee deleted (okurz)

This did not work, see in https://openqa.suse.de/tests/1857779/file/video.ogv#t=10.54,10.58 that we do not enter the protocol and have selected the "HTTP" option in before. I guess documentation needs to be checked if we should set explicitly https://… or a different menu option or if it is simply not supported.

Actions #5

Updated by dheidler over 5 years ago

What do you mean with "this didn't work"?
What did you expect?

Actions #6

Updated by okurz over 5 years ago

dheidler wrote:

What do you mean with "this didn't work"?

What happened in the test that the prefix "https" was stripped when entering so I doubt that https is actually used

What did you expect?

I expected that either there is a menu option in the bootloader to select HTTPS explicitly or when we enter "https:/…" in the HTTP variable it would use https – but we did not enter https.

Actions #7

Updated by okurz over 5 years ago

https://en.opensuse.org/index.php?title=SDB:Linuxrc mentions "https" so at least something should work

Actions #8

Updated by riafarov over 5 years ago

  • Estimated time set to 13.00 h
Actions #9

Updated by JERiveraMoya over 5 years ago

It might be that we only have available HTTP, HTTPS is not an option as is displayed here https://openqa.suse.de/tests/1954582#step/bootloader/10. Probably is that https installation is only available through SMT: https://www.suse.com/documentation/sled-12/book_sle_deployment/data/sec_i_yast2_startup.html

Actions #10

Updated by JERiveraMoya over 5 years ago

I tried in a VM using these boot options: ssl.certs=0 install=https://openqa.suse.de/assets/repo/SLE-12-SP4-Server-DVD-x86_64-Build0351-Media1 and it seems to work because setting up a non-existing build the installer complains about it.

Actions #11

Updated by riafarov over 5 years ago

  • Status changed from Workable to In Progress
  • Assignee set to riafarov
Actions #12

Updated by riafarov over 5 years ago

So for SLES it's fairly easy, except that we cannot do zVM installations as url is too long. For openSUSE we have can use https, but we have root certificate installed, so it's not self-signed.
s

Actions #13

Updated by riafarov over 5 years ago

  • Status changed from In Progress to Feedback
Actions #14

Updated by riafarov over 5 years ago

  • Due date changed from 2018-08-28 to 2018-09-11

Pr merged an hour ago

Actions #15

Updated by riafarov over 5 years ago

Added test suite for all product under development

Actions #16

Updated by riafarov over 5 years ago

  • Status changed from Feedback to Resolved

I've cross checked the parent ticket, and it's totally different scope, as it's about booting over http and not remote installation with https repos. I resolve this ticket with part done for SLE.
@okurz, please create tickets accordingly. I believe installation over https is not a priority, but we need to test boot over http(s) which is supported for SLE 15 only as of now, and potentially in openSUSE.

Actions #17

Updated by riafarov over 5 years ago

  • Status changed from Resolved to Feedback
Actions #18

Updated by riafarov over 5 years ago

  • Target version changed from Milestone 18 to Milestone 19
Actions #19

Updated by riafarov over 5 years ago

  • Status changed from Feedback to Resolved

As confirmed with PO, we have done what's feasible right now.

Actions

Also available in: Atom PDF