tests: enable testing with snapd snap FIPS variant #14476
Merged
Conversation
This file contains bidirectional Unicode text that may be interpreted or compiled differently than what appears below. To review, open the file in an editor that reveals hidden Unicode characters.
Learn more about bidirectional Unicode characters
bboozzoo
force-pushed
the
bboozzoo/fips-snap-test
branch
3 times, most recently
from
ce5476e
to
9cc5ae2
Compare
zyga
approved these changes
Sep 11, 2024
build-aux/snap/snapcraft.yaml
Outdated
| echo "-- appending FIPS tag to version $VERSION" | ||
| VERSION="$VERSION-fips" | ||
| if [ "${VERSION%/+fips/}" != "$VERSION" ] ; then | ||
| # we gave a '+fips' element in the version |
bboozzoo
force-pushed
the
bboozzoo/fips-snap-test
branch
from
370abed
to
6f7de3b
Compare
zyga
approved these changes
Sep 12, 2024
| fi | ||
| # TODO detect when doing a FIPS snap build on LP |
There was a problem hiding this comment.
build-aux/snap/snapcraft.yaml
Outdated
| if [ "${VERSION%/+fips/}" != "$VERSION" ] ; then | ||
| # we have a '+fips' element in the version, which may be coming from | ||
| # debian/changelog or git tag | ||
| echo "-- deteceted FIPS build" |
build-aux/snap/snapcraft.yaml
Outdated
| if [ -f fips-build ] ; then | ||
| echo "-- appending FIPS tag to version $VERSION" | ||
| VERSION="$VERSION-fips" | ||
| if [ "${VERSION%/+fips/}" != "$VERSION" ] ; then |
There was a problem hiding this comment.
Did you mean "${VERSION%+fips}" or "${VERSION/%+fips/}"?
There was a problem hiding this comment.
ah yes, too many changes going back and forth, /+fips/ let me fix that
There was a problem hiding this comment.
Ah, so if it was supposed to be /+fips/ it does not have to end with then. Is that what you wanted?
There was a problem hiding this comment.
it's just a simplification, debian/rules checks simply checks for +fips too (not necessarily at the end), but we'll only ever append +fips as a suffix in teh changelog
build-aux/snap/snapcraft.yaml
Outdated
| # TODO detect when doing a FIPS snap build on LP | ||
|
|
||
| if [ -f fips-build ]; then | ||
| if [ "${VERSION%/+fips/}" = "$VERSION" ] ; then |
There was a problem hiding this comment.
Same here, did you mean "${VERSION%+fips}" or "${VERSION/%+fips/}"?
Signed-off-by: Maciej Borzecki <[email protected]>
Extend the test to verify FIPS snapd support when it's running from the snapd snap. Signed-off-by: Maciej Borzecki <[email protected]>
Download either a regular of a FIPS snap artifact depending on systems group the test workflow has been started for. Signed-off-by: Maciej Borzecki <[email protected]>
Signed-off-by: Maciej Borzecki <[email protected]>
Do the same as we do for the deb. Signed-off-by: Maciej Borzecki <[email protected]>
Signed-off-by: Maciej Borzecki <[email protected]>
Signed-off-by: Maciej Borzecki <[email protected]>
Add a very ugly check for the presence of 1.21 FIPS toolchain. Signed-off-by: Maciej Borzecki <[email protected]>
Set snapdfips build tag when building in FIPS mode. Signed-off-by: Maciej Borzecki <[email protected]>
Signed-off-by: Maciej Borzecki <[email protected]>
bboozzoo
force-pushed
the
bboozzoo/fips-snap-test
branch
from
6f7de3b
to
d25cf94
Compare
valentindavid
approved these changes
Sep 13, 2024
|
Failing tests:
|
Sign up for free
to join this conversation on GitHub.
Already have an account?
Sign in to comment
Add this suggestion to a batch that can be applied as a single commit.
This suggestion is invalid because no changes were made to the code.
Suggestions cannot be applied while the pull request is closed.
Suggestions cannot be applied while viewing a subset of changes.
Only one suggestion per line can be applied in a batch.
Add this suggestion to a batch that can be applied as a single commit.
Applying suggestions on deleted lines is not supported.
You must change the existing code in this line in order to create a valid suggestion.
Outdated suggestions cannot be applied.
This suggestion has been applied or marked resolved.
Suggestions cannot be applied from pending reviews.
Suggestions cannot be applied on multi-line comments.
Suggestions cannot be applied while the pull request is queued to merge.
Suggestion cannot be applied right now. Please check back later.
Based on #14439. Add spread testing of FIPS snap variant.
Related: SNAPDENG-23245