rpms / ipa

Clone
Source Code
GIT

Blame SOURCES/0005-ipatests-healthcheck-test-if-system-is-FIPS-enabled.patch

c4 c5 c5-plus c6 c6-plus c7 c7-alt c7-beta c8-beta-stream-DL1 c8-beta-stream-client c8-stream-DL1 c8-stream-client c8s-stream-DL1 c8s-stream-client c9 c9-beta
  1.   b82271ee68ba2c3a100f1fef85b9702dcdb7533e
  2.   SOURCES
  3.   0005-ipatests-healthcheck-test-if-system-is-FIPS-enabled.patch
Blob History Raw
8e1ca3 
From c55185d3dc3c6cd2ffebab77fbf8caa40a32bcd1 Mon Sep 17 00:00:00 2001
8e1ca3 
From: Erik <ebelko@redhat.com>
8e1ca3 
Date: Mon, 18 Jul 2022 11:59:24 +0200
8e1ca3 
Subject: [PATCH] ipatests: healthcheck: test if system is FIPS enabled
8e1ca3
8e1ca3 
Test if FIPS is enabled and the check exists.
8e1ca3
8e1ca3 
Related: https://pagure.io/freeipa/issue/8951
8e1ca3
8e1ca3 
Signed-off-by: Erik Belko <ebelko@redhat.com>
8e1ca3 
Reviewed-By: Michal Polovka <mpolovka@redhat.com>
8e1ca3 
Reviewed-By: Rob Crittenden <rcritten@redhat.com>
8e1ca3 
---
8e1ca3 
 .../test_integration/test_ipahealthcheck.py   | 25 +++++++++++++++++++
8e1ca3 
 1 file changed, 25 insertions(+)
8e1ca3
8e1ca3 
diff --git a/ipatests/test_integration/test_ipahealthcheck.py b/ipatests/test_integration/test_ipahealthcheck.py
8e1ca3 
index 23af09f3a7eaa8012e7a898ce6a534d1fad45323..a0c85f79e6e84f9e63072c6d70276480e4af97ad 100644
8e1ca3 
--- a/ipatests/test_integration/test_ipahealthcheck.py
8e1ca3 
+++ b/ipatests/test_integration/test_ipahealthcheck.py
8e1ca3 
@@ -340,6 +340,31 @@ class TestIpaHealthCheck(IntegrationTest):
8e1ca3 
         assert returncode == 0
8e1ca3 
         assert output == "No issues found."
8e1ca3
8e1ca3 
+    def test_ipa_healthcheck_fips_enabled(self):
8e1ca3 
+        """
8e1ca3 
+        Test if FIPS is enabled and the check exists.
8e1ca3 
+
8e1ca3 
+        https://pagure.io/freeipa/issue/8951
8e1ca3 
+        """
8e1ca3 
+        returncode, check = run_healthcheck(self.master,
8e1ca3 
+                                            source="ipahealthcheck.meta.core",
8e1ca3 
+                                            check="MetaCheck",
8e1ca3 
+                                            output_type="json",
8e1ca3 
+                                            failures_only=False)
8e1ca3 
+        assert returncode == 0
8e1ca3 
+
8e1ca3 
+        cmd = self.master.run_command(['fips-mode-setup', '--is-enabled'],
8e1ca3 
+                                      raiseonerr=False)
8e1ca3 
+        returncode = cmd.returncode
8e1ca3 
+
8e1ca3 
+        # If this produces IndexError, the check does not exist
8e1ca3 
+        if check[0]["kw"]["fips"] == "disabled":
8e1ca3 
+            assert returncode == 2
8e1ca3 
+        elif check[0]["kw"]["fips"] == "enabled":
8e1ca3 
+            assert returncode == 0
8e1ca3 
+        else:
8e1ca3 
+            assert returncode == 1
8e1ca3 
+
8e1ca3 
     def test_ipa_healthcheck_after_certupdate(self):
8e1ca3 
         """
8e1ca3 
         Verify that ipa-certupdate hasn't messed up tracking
8e1ca3 
--
8e1ca3 
2.37.2
8e1ca3

Powered by Pagure 5.14.1

SSH Hostkey/Fingerprint | Documentation