Task #8097
closed
Task #7960: FIPS and support for ALLOWED_CONTENT_CHECKSUMS
Create a pair of pulp 2 + pulp 3 FIPS boxes
100%
Description
To test FIPS with migration, we need a CentOS7 box with Pulp2 and Pulp3, where Pulp2 is installed from nightlies and Pulp3 is from source, and FIPS needs to be enabled.
Exactly like the pulp2-nightly-pulp3-source-centos7 box, just with FIPS enabled.
Updated by ttereshc almost 3 years ago
- Subject changed from Create a pulp2-nightly-pulp3-source-centos8_fips box to Create a pulp2-nightly-pulp3-source-centos8-fips box
Updated by ttereshc almost 3 years ago
- Subject changed from Create a pulp2-nightly-pulp3-source-centos8-fips box to Create a pulp2-nightly-pulp3-source-centos7-fips box
- Description updated (diff)
Updated by ggainey almost 3 years ago
This actually needs to be 2 boxes. Pulp2 can only be installed on Centos7. However, CentOS7 isn't patched in a way that supports what we need in a FIPS context, so we need CentOS8 for pulp3. Therefore, this task is really "we need a 2-box setup for testing 2to3 minration in a FIPS context".
Updated by daviddavis almost 3 years ago
Here was the issue with testing Pulp 3 against python 3.6 on CentOS 7: https://bugzilla.redhat.com/show_bug.cgi?id=1811170
Updated by mdepaulo@redhat.com almost 3 years ago
- Assignee set to mdepaulo@redhat.com
Updated by mdepaulo@redhat.com almost 3 years ago
As mentioned at the FIPS check-in meeting:
- I decided not to go with the 2 VMs with NFS approach.
- Instead, I am going with a CentOS 8 VM (Pulp 3) + a CentOS 7 container (Pulp 2) on top of it.
- I am trying to get the Vagrant docker provider (plugin) to run the container on top of the VM. So that the container is provisioned via Ansible. This is a stated feature of it. If not, I could work around it probably, but still.
- This approach does not support SELinux in the Centos 7 Pulp 2 container. I need to verify with Brian or Tanya that this is OK.
Updated by mdepaulo@redhat.com almost 3 years ago
- Subject changed from Create a pulp2-nightly-pulp3-source-centos7-fips box to Create a pair of pulp 2 + pulp 3 FIPS boxes
Added by Mike DePaulo over 2 years ago
Added by Mike DePaulo over 2 years ago
Revision fe77fd50 | View on GitHub
Create a pair of pulp 2 + pulp 3 FIPS boxes
Implemented the Pulp 2 box (CentOS 7, no SELinux) as a container on top of the Pulp 3 box (CentOS 8, can run SELinux.)
fixes: #8097
Updated by Anonymous over 2 years ago
- Status changed from ASSIGNED to MODIFIED
- % Done changed from 0 to 100
Applied in changeset ansible-pulp|fe77fd50a0df9e5ac2bc27cfa2afdce1f4fda309.
Updated by mdellweg over 2 years ago
- Status changed from MODIFIED to CLOSED - CURRENTRELEASE
.
Create a pair of pulp 2 + pulp 3 FIPS boxes
Implemented the Pulp 2 box (CentOS 7, no SELinux) as a container on top of the Pulp 3 box (CentOS 8, can run SELinux.)
fixes: #8097