From 432686c8ed705a438c3c37c0ab30c11e19d0e207 Mon Sep 17 00:00:00 2001 From: =?UTF-8?q?Miguel=20Mart=C3=ADn?= Date: Tue, 28 Nov 2023 16:23:16 +0100 Subject: [PATCH] feat: add tests for Fedora and RHEL 8/9 with FIPS MIME-Version: 1.0 Content-Type: text/plain; charset=UTF-8 Content-Transfer-Encoding: 8bit Add tests for Fedora and RHEL 8/9 qcow2 images with system FIPS mode enabled. Signed-off-by: Miguel Martín --- test/config-map.json | 13 +++ test/configs/all-with-fips.json | 175 ++++++++++++++++++++++++++++++++ 2 files changed, 188 insertions(+) create mode 100644 test/configs/all-with-fips.json diff --git a/test/config-map.json b/test/config-map.json index 2a7e555c26..aef6ddc916 100644 --- a/test/config-map.json +++ b/test/config-map.json @@ -24,6 +24,19 @@ "qcow2" ] }, + "./configs/all-with-fips.json": { + "distros": [ + "rhel-93", + "rhel-94", + "rhel-89", + "rhel-810", + "centos*", + "fedora*" + ], + "image-types": [ + "qcow2" + ] + }, "./configs/disable-lm_sensors.json": { "distros": [ "rhel-84" diff --git a/test/configs/all-with-fips.json b/test/configs/all-with-fips.json new file mode 100644 index 0000000000..dde1f24e64 --- /dev/null +++ b/test/configs/all-with-fips.json @@ -0,0 +1,175 @@ +{ + "name": "all-with-fips", + "blueprint": { + "packages": [ + { + "name": "bash", + "version": "*" + }, + { + "name": "bluez", + "version": "*" + } + ], + "modules": [], + "groups": [ + { + "name": "core" + } + ], + "customizations": { + "hostname": "my-host", + "kernel": { + "append": "debug" + }, + "fips": true, + "sshkey": [ + { + "user": "user1", + "key": "ssh-rsa AAAAB3NzaC1yc2EAAAADAQABAAABAQC61wMCjOSHwbVb4VfVyl5sn497qW4PsdQ7Ty7aD6wDNZ/QjjULkDV/yW5WjDlDQ7UqFH0Sr7vywjqDizUAqK7zM5FsUKsUXWHWwg/ehKg8j9xKcMv11AkFoUoujtfAujnKODkk58XSA9whPr7qcw3vPrmog680pnMSzf9LC7J6kXfs6lkoKfBh9VnlxusCrw2yg0qI1fHAZBLPx7mW6+me71QZsS6sVz8v8KXyrXsKTdnF50FjzHcK9HXDBtSJS5wA3fkcRYymJe0o6WMWNdgSRVpoSiWaHHmFgdMUJaYoCfhXzyl7LtNb3Q+Sveg+tJK7JaRXBLMUllOlJ6ll5Hod root@localhost" + } + ], + "user": [ + { + "name": "user2", + "description": "description 2", + "password": "$6$BhyxFBgrEFh0VrPJ$MllG8auiU26x2pmzL4.1maHzPHrA.4gTdCvlATFp8HJU9UPee4zCS9BVl2HOzKaUYD/zEm8r/OF05F2icWB0K/", + "key": "ssh-rsa AAAAB3NzaC1yc2EAAAADAQABAAABAQC61wMCjOSHwbVb4VfVyl5sn497qW4PsdQ7Ty7aD6wDNZ/QjjULkDV/yW5WjDlDQ7UqFH0Sr7vywjqDizUAqK7zM5FsUKsUXWHWwg/ehKg8j9xKcMv11AkFoUoujtfAujnKODkk58XSA9whPr7qcw3vPrmog680pnMSzf9LC7J6kXfs6lkoKfBh9VnlxusCrw2yg0qI1fHAZBLPx7mW6+me71QZsS6sVz8v8KXyrXsKTdnF50FjzHcK9HXDBtSJS5wA3fkcRYymJe0o6WMWNdgSRVpoSiWaHHmFgdMUJaYoCfhXzyl7LtNb3Q+Sveg+tJK7JaRXBLMUllOlJ6ll5Hod root@localhost", + "home": "/home/home2", + "shell": "/bin/sh", + "groups": [ + "group1" + ], + "uid": 1020, + "gid": 1050 + }, + { + "name": "user3", + "uid": 1060, + "gid": 1060 + } + ], + "group": [ + { + "name": "group1", + "gid": 1030 + }, + { + "name": "group2", + "gid": 1050 + }, + { + "name": "user3", + "gid": 1060 + } + ], + "timezone": { + "timezone": "Europe/London", + "ntpservers": [ + "time.example.com" + ] + }, + "locale": { + "languages": [ + "el_CY.UTF-8" + ], + "keyboard": "dvorak" + }, + "services": { + "enabled": [ + "sshd.service", + "custom.service" + ], + "disabled": [ + "bluetooth.service" + ] + }, + "filesystem": [ + { + "mountpoint": "/home", + "minsize": 2147483648 + }, + { + "mountpoint": "/home/shadowman", + "minsize": "500MiB" + }, + { + "mountpoint": "/foo", + "minsize": "1GiB" + }, + { + "mountpoint": "/usr", + "minsize": "4GiB" + }, + { + "mountpoint": "/opt", + "minsize": "1GiB" + }, + { + "mountpoint": "/media", + "minsize": "1GiB" + }, + { + "mountpoint": "/root", + "minsize": "1GiB" + }, + { + "mountpoint": "/srv", + "minsize": "1GiB" + }, + { + "mountpoint": "/mnt", + "minsize": "1GiB" + } + ], + "directories": [ + { + "path": "/etc/systemd/system/custom.service.d" + }, + { + "path": "/etc/custom_dir", + "mode": "0770", + "user": 1020, + "group": 1050 + } + ], + "files": [ + { + "path": "/etc/systemd/system/custom.service", + "data": "[Unit]\nDescription=Custom service\n\n[Service]\nExecStart=/usr/bin/false\n\n[Install]\nWantedBy=multi-user.target\n" + }, + { + "path": "/etc/systemd/system/custom.service.d/override.conf", + "data": "[Service]\nExecStart=\nExecStart=/usr/bin/cat /etc/custom_file.txt\n" + }, + { + "path": "/etc/custom_file.txt", + "data": "image builder is the best", + "mode": "0644", + "user": "root", + "group": "root" + }, + { + "path": "/etc/empty_file.txt", + "user": 0, + "group": 0 + } + ], + "repositories": [ + { + "id": "example", + "name": "Example repo", + "baseurls": [ + "https://example.com/download/yum" + ], + "gpgcheck": true, + "enabled": true, + "repo_gpgcheck": false, + "gpgkeys": [ + "-----BEGIN PGP PUBLIC KEY BLOCK-----\n\nmQGiBGRBSJURBACzCoe9UNfxOUiFLq9b60weSBFdr39mLViscecDWATNvXtgRoK/\nxl/4qpayzALRCQ2Ek/pMrbKPF/3ngECuBv7S+rI4n/rIia4FNcqzYeZAz4DE4NP/\neUGvz49tWhmH17hX/rmF9kz5kLq2bDZI4GDgZW/oMDdt2ivj092Ljm9jRwCgyQy3\nWEK6RJvIcSEh9vbdwVdMPOcD/iHqNejTMFwGyZfCWB0eIOoxUOUn/ZZpELTL2UpW\nGduCf3txb5SkK7M+WDbb0S5IvNXoi0tc13STiD6Oxg2O9PkSvvYb+8zxlhNoSTwy\n54j7Rf5FlnQ3TAFfjtQ5LCx56LKK73j4RjvKW//ktm5n54exsgo9Ry/e12T46dRg\n7tIlA/91rzLm57Qyc73A7zjgIzef9O6V5ZzowC+pp/jfb5pS9hXgROekLkMgX0vg\niA5rM5OpqK4bArVP1lRWnLyvghwO+TW763RVuXlS0scfzMy4g0NgrG6j7TIOKEqz\n4xQxOuwkudqiQr/kOqKuLxQBXa+5MJkyhfPmqYw5wpqyCwFa/7Q4b3NidWlsZCB0\nZXN0IChvc2J1aWxkIHRlc3QgZ3Bna2V5KSA8b3NidWlsZEBleGFtcGxlLmNvbT6I\newQTEQIAOxYhBGB8woiEPRKBO8Cr31lulpQgMejzBQJkQUiVAhsjBQsJCAcCAiIC\nBhUKCQgLAgQWAgMBAh4HAheAAAoJEFlulpQgMejzapMAoLmUg1mNDTRUaCrN/fzm\nHYLHL6jkAJ9pEKkJQiHB6SfD0fkiD2GkELYLubkBDQRkQUiVEAQAlAAXrQ572vuw\nxI3W8GSZmOQiAYOQmOKRloLEy6VZ3NSOb9y2TXj33QTkJBPOM17AzB7E+YjZrpUt\ngl6LlXmfjMcJAcXhFaUBCilAcMwMlLl7DtnSkLnLIXYmHiN0v83BH/H0EPutOc5l\n0QIyugutifp9SJz2+EWpC4bjA7GFkQ8AAwUD/1tLEGqCJ37O8gfzYt2PWkqBEoOY\n0Z3zwVS6PWW/IIkak9dAJ0iX5NMeFWpzFNfviDPHqhEdUR55zsxyUZIZlCX5jwmA\nt7qm3cbH4HNU1Ogq3Q9hykbTPWPZVkpvNm/TO8TA2brhkz3nuS8Hbmh+rjXFOSZj\nDQBUxItuuj2hhpQEiGAEGBECACAWIQRgfMKIhD0SgTvAq99ZbpaUIDHo8wUCZEFI\nlQIbDAAKCRBZbpaUIDHo83fQAKDHgFIaggaNsvDQkj7vMX0fecHRhACfS9Bvxn2W\nWSb6T+gChmYBseZwk/k=\n=DQ3i\n-----END PGP PUBLIC KEY BLOCK-----\n" + ] + } + ] + } + } +}