Closed pablo-herranz closed 3 months ago
@pablo-herranz Please also remove the -e '/fips/d'
in .github/workflows/ci.yaml
from line 51, so that we can run the fips tests on github too.
The function
test_openssl_fips_hashes
is still being skipped.
After removing the -e '/fips/d'
in .github/workflows/ci.yaml
, the function test_openssl_fips_hashes
has started to fail in the image registry.suse.de/suse/sle-15-sp3/update/cr/totest/images/bci/bci-base:15.3
.
========================================================================================================== short test summary info ===========================================================================================================
FAILED tests/test_fips.py::test_openssl_fips_hashes[bci/bci-base:15.3 from registry.suse.de/suse/sle-15-sp3/update/cr/totest/images/bci/bci-base:15.3] - AssertionError: assert 0 != 0
+ where 0 = CommandResult(backend=<testinfra.backend.podman.PodmanBackend object at 0x7fc321eee1d0>, exit_status=0, command=b'openssl blake2b512 /dev/null', _stdout=b'BLAKE2b512(/dev/null)= 786a02f742015903c6c6fd852552d272912f4740e15847618a86e217f71f5419d25e1031afee585313896444934eb04b903a685b1448b755d56f701afe9be2ce\n', _stderr=b'').rc
FAILED tests/test_fips.py::test_openssl_fips_hashes[suse/ltss/sle15.3/bci-base:15.3 from registry.suse.de/suse/sle-15-sp3/update/cr/totest/images/suse/ltss/sle15.3/bci-base:15.3] - AssertionError: assert 0 != 0
+ where 0 = CommandResult(backend=<testinfra.backend.podman.PodmanBackend object at 0x7fc320b2a4d0>, exit_status=0, command=b'openssl blake2b512 /dev/null', _stdout=b'BLAKE2b512(/dev/null)= 786a02f742015903c6c6fd852552d272912f4740e15847618a86e217f71f5419d25e1031afee585313896444934eb04b903a685b1448b755d56f701afe9be2ce\n', _stderr=b'').rc
============================================================================================ 2 failed, 2 passed, 112 skipped in 72.50s (0:01:12) =============================================================================================
@pablo-herranz you need to apply the same logic to the parameters of test_openssl_fips_hashes
as well
For FIPS images we need to run the FIPS tests, even when those are running on non-FIPS hosts. Currently the FIPS tests are skipped on non-FIPS hosts. We need to add an exception for the FIPS images in BCI-Tests