Task #6983
closedStory #3778: [Epic] As a user, I can run Pulp 3 in a FIPS-enabled environment
As a developer using pulplift I have a FIPS enabled CentOS 8 environment
0%
Updated by daviddavis over 4 years ago
- Groomed changed from No to Yes
- Sprint Candidate changed from No to Yes
Updated by daviddavis over 4 years ago
My suggestion here would be to create a centos 8 fips box and push it up to https://app.vagrantup.com/. We did this for centos 7:
https://app.vagrantup.com/pulp/boxes/centos7-fips
Here is an ansible playbook task from Foreman that will set FIPS:
https://github.com/theforeman/forklift/blob/master/roles/fips/tasks/main.yml
Note that we tried to use this ^ for pulplift but the reboot step took a while and caused later provisioning steps to sometimes fail so it's better to create a fips-enabled base box.
Updated by mdellweg over 4 years ago
As per CI-Meeting, it was stated that this can be established by providing a kernel parameter.
There is a cmd_line
option for the libvirt vagrant provider [0] that claims to append to the kernel command line.
[0] https://github.com/vagrant-libvirt/vagrant-libvirt#domain-specific-options
Updated by mdepaulo@redhat.com over 4 years ago
- Status changed from NEW to CLOSED - COMPLETE
Added to pulplift: https://github.com/pulp/pulplift/pull/97