diff --git a/test/cases/ostree-ami-image.sh b/test/cases/ostree-ami-image.sh index 057d19684..a98886540 100755 --- a/test/cases/ostree-ami-image.sh +++ b/test/cases/ostree-ami-image.sh @@ -79,6 +79,9 @@ SSH_KEY=${SSH_DATA_DIR}/id_rsa SSH_KEY_PUB=$(cat "${SSH_KEY}".pub) IGNITION_USER=core +# Set FIPS variable default +FIPS="${FIPS:-false}" + case "${ID}-${VERSION_ID}" in "rhel-9."*) OSTREE_REF="rhel/9/${ARCH}/edge" @@ -575,7 +578,16 @@ description = "A rhel-edge ami" version = "0.0.1" modules = [] groups = [] +EOF +if [ "${FIPS}" == "true" ]; then + tee -a "$BLUEPRINT_FILE" > /dev/null << EOF +[customizations] +fips = ${FIPS} +EOF +fi + +tee -a "$BLUEPRINT_FILE" > /dev/null << EOF [[customizations.user]] name = "admin" description = "Administrator account" @@ -856,6 +868,7 @@ sudo ansible-playbook -v -i "${TEMPDIR}"/inventory \ -e edge_type=edge-ami-image \ -e ostree_commit="${INSTALL_HASH}" \ -e sysroot_ro="$SYSROOT_RO" \ + -e fips="${FIPS}" \ /usr/share/tests/osbuild-composer/ansible/check_ostree.yaml || RESULTS=0 check_result @@ -1033,6 +1046,7 @@ sudo ansible-playbook -v -i "${TEMPDIR}"/inventory \ -e edge_type=edge-ami-image \ -e ostree_commit="${UPGRADE_HASH}" \ -e sysroot_ro="$SYSROOT_RO" \ + -e fips="${FIPS}" \ /usr/share/tests/osbuild-composer/ansible/check_ostree.yaml || RESULTS=0 check_result diff --git a/test/cases/ostree-ng.sh b/test/cases/ostree-ng.sh index 1d12620b8..bf541ecc2 100755 --- a/test/cases/ostree-ng.sh +++ b/test/cases/ostree-ng.sh @@ -111,6 +111,9 @@ KERNEL_RT_PKG="kernel-rt" # Set up variables. SYSROOT_RO="false" +# Set FIPS variable default +FIPS="${FIPS:-false}" + case "${ID}-${VERSION_ID}" in fedora-*) CONTAINER_TYPE=iot-container @@ -499,7 +502,16 @@ description = "A rhel-edge installer image" version = "0.0.1" modules = [] groups = [] +EOF +if [ "${FIPS}" == "true" ]; then + tee -a "$BLUEPRINT_FILE" > /dev/null << EOF +[customizations] +fips = ${FIPS} +EOF +fi + +tee -a "$BLUEPRINT_FILE" > /dev/null << EOF [[customizations.user]] name = "installeruser" description = "Added by installer blueprint" @@ -628,6 +640,7 @@ sudo ansible-playbook -v -i "${TEMPDIR}"/inventory \ -e embeded_container="${EMBEDED_CONTAINER}" \ -e test_custom_dirs_files="${DIRS_FILES_CUSTOMIZATION}" \ -e sysroot_ro="$SYSROOT_RO" \ + -e fips="${FIPS}" \ /usr/share/tests/osbuild-composer/ansible/check_ostree.yaml || RESULTS=0 check_result @@ -717,6 +730,7 @@ sudo ansible-playbook -v -i "${TEMPDIR}"/inventory \ -e embeded_container="${EMBEDED_CONTAINER}" \ -e test_custom_dirs_files="${DIRS_FILES_CUSTOMIZATION}" \ -e sysroot_ro="$SYSROOT_RO" \ + -e fips="${FIPS}" \ /usr/share/tests/osbuild-composer/ansible/check_ostree.yaml || RESULTS=0 # Check image installation result @@ -901,6 +915,7 @@ sudo ansible-playbook -v -i "${TEMPDIR}"/inventory \ -e embeded_container="${EMBEDED_CONTAINER}" \ -e test_custom_dirs_files="${DIRS_FILES_CUSTOMIZATION}" \ -e sysroot_ro="$SYSROOT_RO" \ + -e fips="${FIPS}" \ /usr/share/tests/osbuild-composer/ansible/check_ostree.yaml || RESULTS=0 check_result diff --git a/test/cases/ostree-raw-image.sh b/test/cases/ostree-raw-image.sh index 1a3a3c587..450d2fb42 100755 --- a/test/cases/ostree-raw-image.sh +++ b/test/cases/ostree-raw-image.sh @@ -104,6 +104,9 @@ KERNEL_RT_PKG="kernel-rt" SYSROOT_RO="false" CUSTOM_DIRS_FILES="false" +# Set FIPS variable default +FIPS="${FIPS:-false}" + case "${ID}-${VERSION_ID}" in "rhel-8"* ) OSTREE_REF="rhel/8/${ARCH}/edge" @@ -418,6 +421,13 @@ modules = [] groups = [] EOF +if [ "${FIPS}" == "true" ]; then + tee -a "$BLUEPRINT_FILE" >> /dev/null << EOF +[customizations] +fips = ${FIPS} +EOF +fi + # User in raw image blueprint is not for RHEL 9.1 and 8.7 # Workaround for RHEL 9.1 and 8.7 nightly test if [[ "$USER_IN_RAW" == "true" ]]; then @@ -573,6 +583,7 @@ EOF -e ostree_commit="${INSTALL_HASH}" \ -e sysroot_ro="$SYSROOT_RO" \ -e test_custom_dirs_files="$CUSTOM_DIRS_FILES" \ + -e fips="${FIPS}" \ /usr/share/tests/osbuild-composer/ansible/check_ostree.yaml || RESULTS=0 check_result @@ -740,6 +751,7 @@ EOF -e ostree_commit="${REBASE_HASH}" \ -e sysroot_ro="$SYSROOT_RO" \ -e test_custom_dirs_files="$CUSTOM_DIRS_FILES" \ + -e fips="${FIPS}" \ /usr/share/tests/osbuild-composer/ansible/check_ostree.yaml || RESULTS=0 check_result @@ -845,6 +857,7 @@ sudo ansible-playbook -v -i "${TEMPDIR}"/inventory \ -e ostree_commit="${INSTALL_HASH}" \ -e sysroot_ro="$SYSROOT_RO" \ -e test_custom_dirs_files="$CUSTOM_DIRS_FILES" \ + -e fips="${FIPS}" \ /usr/share/tests/osbuild-composer/ansible/check_ostree.yaml || RESULTS=0 check_result @@ -1036,6 +1049,7 @@ sudo ansible-playbook -v -i "${TEMPDIR}"/inventory \ -e ostree_commit="${UPGRADE_HASH}" \ -e sysroot_ro="$SYSROOT_RO" \ -e test_custom_dirs_files="$CUSTOM_DIRS_FILES" \ + -e fips="${FIPS}" \ /usr/share/tests/osbuild-composer/ansible/check_ostree.yaml || RESULTS=0 check_result diff --git a/test/cases/ostree-simplified-installer.sh b/test/cases/ostree-simplified-installer.sh index 8b35c1bff..4edb9e647 100755 --- a/test/cases/ostree-simplified-installer.sh +++ b/test/cases/ostree-simplified-installer.sh @@ -1,4 +1,5 @@ #!/bin/bash + set -euo pipefail # Provision the software under test. @@ -125,6 +126,9 @@ SYSROOT_RO="false" ANSIBLE_USER="admin" FDO_USER_ONBOARDING="false" +# Set FIPS variable default +FIPS="${FIPS:-false}" + case "${ID}-${VERSION_ID}" in "rhel-8"* ) OSTREE_REF="rhel/8/${ARCH}/edge" @@ -445,6 +449,12 @@ groups = ["wheel"] installation_device = "/dev/vda" EOF +if [ "${FIPS}" == "true" ]; then + tee -a "$BLUEPRINT_FILE" >> /dev/null << EOF +fips = ${FIPS} +EOF +fi + greenprint "📄 simplified_iso_without_fdo blueprint" cat "$BLUEPRINT_FILE" @@ -547,6 +557,7 @@ sudo ansible-playbook -v -i "${TEMPDIR}"/inventory \ -e edge_type=edge-simplified-installer \ -e fdo_credential="false" \ -e sysroot_ro="$SYSROOT_RO" \ + -e fips="${FIPS}" \ /usr/share/tests/osbuild-composer/ansible/check_ostree.yaml || RESULTS=0 check_result @@ -569,10 +580,17 @@ description = "A rhel-edge simplified-installer image" version = "0.0.1" modules = [] groups = [] - [customizations] installation_device = "/dev/vda" +EOF +if [ "${FIPS}" == "true" ]; then + tee -a "$BLUEPRINT_FILE" >> /dev/null << EOF +fips = ${FIPS} +EOF +fi + +tee -a "$BLUEPRINT_FILE" >> /dev/null << EOF [[customizations.user]] name = "simple" description = "Administrator account" @@ -706,7 +724,7 @@ ansible_python_interpreter=/usr/bin/python3 ansible_user=simple ansible_private_key_file=${SSH_KEY} ansible_ssh_common_args="-o StrictHostKeyChecking=no -o UserKnownHostsFile=/dev/null" -ansible_become=yes +ansible_become=yes ansible_become_method=sudo ansible_become_pass=${EDGE_USER_PASSWORD} EOF @@ -719,6 +737,7 @@ sudo ansible-playbook -v -i "${TEMPDIR}"/inventory \ -e edge_type=edge-simplified-installer \ -e fdo_credential="true" \ -e sysroot_ro="$SYSROOT_RO" \ + -e fips="${FIPS}" \ /usr/share/tests/osbuild-composer/ansible/check_ostree.yaml || RESULTS=0 check_result @@ -748,7 +767,15 @@ groups = [] [customizations] installation_device = "/dev/vda" +EOF +if [ "${FIPS}" == "true" ]; then + tee -a "$BLUEPRINT_FILE" >> /dev/null << EOF +fips = ${FIPS} +EOF +fi + +tee -a "$BLUEPRINT_FILE" >> /dev/null << EOF [customizations.fdo] manufacturing_server_url="http://${FDO_SERVER_ADDRESS}:8080" diun_pub_key_hash="${DIUN_PUB_KEY_HASH}" @@ -871,7 +898,7 @@ ansible_python_interpreter=/usr/bin/python3 ansible_user=${ANSIBLE_USER} ansible_private_key_file=${SSH_KEY} ansible_ssh_common_args="-o StrictHostKeyChecking=no -o UserKnownHostsFile=/dev/null" -ansible_become=yes +ansible_become=yes ansible_become_method=sudo ansible_become_pass=${EDGE_USER_PASSWORD} EOF @@ -889,6 +916,7 @@ sudo ansible-playbook -v -i "${TEMPDIR}"/inventory \ -e edge_type=edge-simplified-installer \ -e fdo_credential="true" \ -e sysroot_ro="$SYSROOT_RO" \ + -e fips="${FIPS}" \ /usr/share/tests/osbuild-composer/ansible/check_ostree.yaml || RESULTS=0 check_result @@ -1026,6 +1054,7 @@ sudo ansible-playbook -v -i "${TEMPDIR}"/inventory \ -e edge_type=edge-simplified-installer \ -e fdo_credential="true" \ -e sysroot_ro="$SYSROOT_RO" \ + -e fips="${FIPS}" \ /usr/share/tests/osbuild-composer/ansible/check_ostree.yaml || RESULTS=0 check_result @@ -1062,7 +1091,15 @@ groups = [] [customizations] installation_device = "/dev/vda" +EOF +if [ "${FIPS}" == "true" ]; then + tee -a "$BLUEPRINT_FILE" >> /dev/null << EOF +fips = ${FIPS} +EOF +fi + +tee -a "$BLUEPRINT_FILE" >> /dev/null << EOF [customizations.fdo] manufacturing_server_url="http://${FDO_SERVER_ADDRESS}:8080" diun_pub_key_root_certs=""" @@ -1172,7 +1209,7 @@ ansible_python_interpreter=/usr/bin/python3 ansible_user=admin ansible_private_key_file=${SSH_KEY} ansible_ssh_common_args="-o StrictHostKeyChecking=no -o UserKnownHostsFile=/dev/null" -ansible_become=yes +ansible_become=yes ansible_become_method=sudo ansible_become_pass=${EDGE_USER_PASSWORD} EOF @@ -1185,6 +1222,7 @@ sudo ansible-playbook -v -i "${TEMPDIR}"/inventory \ -e edge_type=edge-simplified-installer \ -e fdo_credential="true" \ -e sysroot_ro="$SYSROOT_RO" \ + -e fips="${FIPS}" \ /usr/share/tests/osbuild-composer/ansible/check_ostree.yaml || RESULTS=0 check_result @@ -1326,6 +1364,7 @@ sudo ansible-playbook -v -i "${TEMPDIR}"/inventory \ -e edge_type=edge-simplified-installer \ -e fdo_credential="true" \ -e sysroot_ro="$SYSROOT_RO" \ + -e fips="${FIPS}" \ /usr/share/tests/osbuild-composer/ansible/check_ostree.yaml || RESULTS=0 check_result diff --git a/test/cases/ostree-vsphere.sh b/test/cases/ostree-vsphere.sh index a26fca4bc..aac6efb6a 100755 --- a/test/cases/ostree-vsphere.sh +++ b/test/cases/ostree-vsphere.sh @@ -91,8 +91,12 @@ IGNITION_SERVER_URL=http://${HOST_IP_ADDRESS}/ignition IGNITION_USER=core IGNITION_USER_PASSWORD=foobar +# Set up variables. SYSROOT_RO="true" +# Set FIPS variable default +FIPS="${FIPS:-false}" + DATACENTER_70="Datacenter7.0" DATASTORE_70="datastore-80" DATACENTER_70_POOL="/Datacenter7.0/host/Automation/Resources" @@ -420,7 +424,16 @@ description = "A rhel-edge vmdk image" version = "0.0.1" modules = [] groups = [] +EOF +if [ "${FIPS}" == "true" ]; then + tee -a "$BLUEPRINT_FILE" > /dev/null << EOF +[customizations] +fips = ${FIPS} +EOF +fi + +tee -a "$BLUEPRINT_FILE" > /dev/null << EOF [[customizations.user]] name = "admin" description = "Administrator account" @@ -520,6 +533,7 @@ sudo ansible-playbook -v -i "${TEMPDIR}"/inventory \ -e edge_type=edge-vsphere \ -e fdo_credential="false" \ -e sysroot_ro="$SYSROOT_RO" \ + -e fips="${FIPS}" \ /usr/share/tests/osbuild-composer/ansible/check_ostree.yaml || RESULTS=0 check_result @@ -653,6 +667,7 @@ sudo ansible-playbook -v -i "${TEMPDIR}"/inventory \ -e edge_type=edge-vsphere \ -e fdo_credential="false" \ -e sysroot_ro="$SYSROOT_RO" \ + -e fips="${FIPS}" \ /usr/share/tests/osbuild-composer/ansible/check_ostree.yaml || RESULTS=0 check_result