SSL Certs Integration test failing on GCE noble and oracular

[a-dubs]

The certs_installed test (tests.integration_tests.modules.test_ca_certs.TestCaCerts.test_cert_installed) is failing on GCE on noble and oracular since Aug 2nd (20240802)

Just want to leave this here as a TODO. this needs a bit of investigation into: 1) Why this is occuring on GCE only 2) Why this is occuring on noble and oracular only

recent test failures: https://jenkins.canonical.com/server-team/view/cloud-init/job/cloud-init-integration-noble-gce/143/testReport/junit/tests.integration_tests.modules.test_ca_certs/TestCaCerts/test_cert_installed/

https://jenkins.canonical.com/server-team/view/cloud-init/job/cloud-init-integration-oracular-gce/46/testReport/junit/tests.integration_tests.modules.test_ca_certs/TestCaCerts/test_cert_installed/

[blackboxsw]

This appears to be directly related to GoogleGuestAgent adding root cert authority on Noble and later. From journalctl on a failing noble instance I see the following:

• /etc/ssl/certs/ca-certificates.crt contains two certs (cloud-init's and a 2nd cert which is 13 lines and matches /etc/ssl/certs/root.pem.
• /etc/ssl/certs/root.pem has a timestamp that aligns w/ GGA certificate discovery and additions in journalctl -b 0 Aug 14 22:40:30.790903 i0-gce-integration-test-0814-223943 google_guest_agent[1415]: Certificate "/run/google-mds-mtls/root.crt" added to system store successfully Updating certifica...

I think this integration test shouldn't be validating the checksum, but validating that our cert is actually present as part of the combined certs in /etc/ssl/certs/ca-certificates.crt