Project

Profile

Help

Send by e-mail

Task #8097

Story #7960: FIPS and support for ALLOWED_CONTENT_CHECKSUMS

Create a pair of pulp 2 + pulp 3 FIPS boxes

Added by ttereshc about 2 months ago. Updated 1 day ago.

Status:
ASSIGNED
Priority:
Normal
Assignee:
mdepaulo@redhat.com
Category:
-
Sprint/Milestone:
-
Start date:
Due date:
% Done:

0%

Estimated time:
Platform Release:
Groomed:
No
Sprint Candidate:
No
Tags:
Dev Environment
Sprint:
Sprint 92
Quarter:

Description

To test FIPS with migration, we need a CentOS7 box with Pulp2 and Pulp3, where Pulp2 is installed from nightlies and Pulp3 is from source, and FIPS needs to be enabled.

Exactly like the pulp2-nightly-pulp3-source-centos7 box, just with FIPS enabled.

History

#1 Updated by ttereshc about 2 months ago

  • Subject changed from Create a pulp2-nightly-pulp3-source-centos8_fips box to Create a pulp2-nightly-pulp3-source-centos8-fips box

#2 Updated by daviddavis about 2 months ago

  • Sprint set to Sprint 88

#3 Updated by ttereshc about 1 month ago

  • Subject changed from Create a pulp2-nightly-pulp3-source-centos8-fips box to Create a pulp2-nightly-pulp3-source-centos7-fips box
  • Description updated (diff)

#4 Updated by rchan about 1 month ago

  • Sprint changed from Sprint 88 to Sprint 89

#5 Updated by rchan about 1 month ago

  • Sprint changed from Sprint 89 to Sprint 90

#6 Updated by ggainey 26 days ago

This actually needs to be 2 boxes. Pulp2 can only be installed on Centos7. However, CentOS7 isn't patched in a way that supports what we need in a FIPS context, so we need CentOS8 for pulp3. Therefore, this task is really "we need a 2-box setup for testing 2to3 minration in a FIPS context".

#7 Updated by daviddavis 26 days ago

Here was the issue with testing Pulp 3 against python 3.6 on CentOS 7: https://bugzilla.redhat.com/show_bug.cgi?id=1811170

#8 Updated by mdepaulo@redhat.com 23 days ago

  • Assignee set to mdepaulo@redhat.com

#9 Updated by daviddavis 22 days ago

  • Status changed from NEW to ASSIGNED

#10 Updated by rchan 15 days ago

  • Sprint changed from Sprint 90 to Sprint 91

#11 Updated by mdepaulo@redhat.com 6 days ago

As mentioned at the FIPS check-in meeting:

  1. I decided not to go with the 2 VMs with NFS approach.
  2. Instead, I am going with a CentOS 8 VM (Pulp 3) + a CentOS 7 container (Pulp 2) on top of it.
  3. I am trying to get the Vagrant docker provider (plugin) to run the container on top of the VM. So that the container is provisioned via Ansible. This is a stated feature of it. If not, I could work around it probably, but still.
  4. This approach does not support SELinux in the Centos 7 Pulp 2 container. I need to verify with Brian or Tanya that this is OK.

#12 Updated by mdepaulo@redhat.com 3 days ago

  • Subject changed from Create a pulp2-nightly-pulp3-source-centos7-fips box to Create a pair of pulp 2 + pulp 3 FIPS boxes

#13 Updated by rchan 1 day ago

  • Sprint changed from Sprint 91 to Sprint 92

Please register to edit this issue

Send by e-mail

Also available in: Atom PDF