action #52817
closed[sle][security][sle12sp5] FIPS: Do the FIPS enabled installation test instead of creating image
0%
Description
We have been creating our own FIPS image and not use existing image generated by create_hdd_gnome
in functional job group before, because we would like to test "kernel fips mode" during installation and use the image for other FIPS regression testing.
Currently, there is fips_env_tests_setup
which create a default+WE image. But WE is not necessary for other tests except seahorse and hexchat.
This proposal is to only perform installation testing with fips=1 enabled. And do not generate any images for simplicity.
For other fips test suite, we use the normal image created by create_hdd_gnome in functional job group, and add a step fips_setup (tests/fips/fips_setup.pm
) at the beginning. We believe by this approach the cases running speed could be improved, and it could help us to avoid the testing delay caused by image uploading failed issue (usually happened for s390x).fips_setup could also be used in the installation for only to verify FIPS kernel mode environment has been successfully configured.
The variable FIPS in lib/bootloader_setup.pm
will also be renamed to FIPS_INSTALLATION.
In case "FIPS kernel mode" may not work caused by fips=1 bugs, other test suites could also be switched to "fips single mode" with variable "FIPS_ENV_MODE=1". Which has already been implemented.
Consider to make this change with PR#52808 and PR#52805 together.
Updated by whdu over 5 years ago
- Related to action #52808: [sle][security][sle12sp5] FIPS: Re-arrange existing test cases into different test suites added
Updated by whdu over 5 years ago
- Related to action #52805: [sle][security][sle12sp5] FIPS: Unified test suite settings for both s390x and x86_64 added
Updated by bchou over 5 years ago
Just would like to amend this "fips signal mode" to "fips Single mode". Others are good to me. Thanks.
Updated by whdu over 5 years ago
- Subject changed from [sle][security][sle12sp5] FIPS: Prepare minimal textmode image for FIPS testing to [sle][security][sle12sp5] FIPS: Do the FIPS enabled installation test instead of creating image
- Description updated (diff)
- Status changed from New to In Progress