action #125654
Updated by amanzini about 1 year ago
## Context our current test https://github.com/os-autoinst/os-autoinst-distri-opensuse/blob/master/tests/fips/openjdk/openjdk_fips.pm is specifically installing jdk11, but with the progress of the updates it can happen that we find on the machines a newer one. The newer one could support new Cipher Suites and Security Providers. At the moment as a workaround, we uninstall any JDK jdk before testing; testing, so the question is: ## Question - is : should we test any present and greater version of OpenJDK, or only some specific ones? ## Action - provide for each JDK version the accepted list of FIPS crypto providers, which for OpenJDK 11 is currently stored in https://gitlab.suse.de/qe-security/testing/-/raw/main/data/openjdk/Tcheck.txt - change the test to map the correct JDK version with the reference list of Supported Cipher Suites and Security Providers