Issue #9315: [tests] test_ipa_healthcheck_fips_enabled fails on system without fips-mode-setup - freeipa

freeipa

#9315 [tests] test_ipa_healthcheck_fips_enabled fails on system without fips-mode-setup

Closed: fixed 2 years ago by frenaud. Opened 2 years ago by slev.

test_ipa_healthcheck_fips_enabled fails if system doesn't have fips-mode-setup:

    =================================== FAILURES ===================================
    _____________ TestIpaHealthCheck.test_ipa_healthcheck_fips_enabled _____________

    self = <ipatests.test_integration.test_ipahealthcheck.TestIpaHealthCheck object at 0x7f54fa503cd0>

        def test_ipa_healthcheck_fips_enabled(self):
            """
            Test if FIPS is enabled and the check exists.

            https://pagure.io/freeipa/issue/8951
            """
            returncode, check = run_healthcheck(self.master,
                                                source="ipahealthcheck.meta.core",
                                                check="MetaCheck",
                                                output_type="json",
                                                failures_only=False)
            assert returncode == 0

            cmd = self.master.run_command(['fips-mode-setup', '--is-enabled'],
                                          raiseonerr=False)
            returncode = cmd.returncode

            # If this produces IndexError, the check does not exist
            if check[0]["kw"]["fips"] == "disabled":
                assert returncode == 2
            elif check[0]["kw"]["fips"] == "enabled":
                assert returncode == 0
            else:
    >           assert returncode == 1
    E           assert 127 == 1

    stdout:
    RUN ['ipa-healthcheck', '--source', 'ipahealthcheck.meta.core', '--check', 'MetaCheck', '--output-type', 'json']
    [
      {
        "source": "ipahealthcheck.meta.core",
        "check": "MetaCheck",
        "result": "SUCCESS",
        "uuid": "0bb3a8e0-7dc4-4acb-9d5c-48495475eaf9",
        "when": "20230127090002Z",
        "duration": "1.903630",
        "kw": {
          "key": "meta",
          "fqdn": "master1.ipa.test",
          "fips": "missing /bin/fips-mode-setup",
          "acme": "disabled",
          "ipa_version": "4.9.11",
          "ipa_api_version": "2.251"
        }
      }
    ]
    Exit code: 0

    RUN ['fips-mode-setup', '--is-enabled']
    bash: line 4: fips-mode-setup: command not found
    Exit code: 127

freeipa-healthcheck handles such case:
https://github.com/freeipa/freeipa-healthcheck/blob/c1091f525be536ee85f92c2d9fa20216cad2b187/src/ipahealthcheck/meta/core.py#L28-L29

Metadata Update from @slev:
- Issue assigned to slev

2 years ago

slev commented 2 years ago

pr:
https://github.com/freeipa/freeipa/pull/6643

rcritten commented 2 years ago

master:

203b7d1 ipatests: healthcheck: Handle missing fips-mode-setup

frenaud commented 2 years ago

ipa-4-9:

8d2c8fc ipatests: healthcheck: Handle missing fips-mode-setup

frenaud commented 2 years ago

ipa-4-10:

1be3188 ipatests: healthcheck: Handle missing fips-mode-setup

Metadata Update from @frenaud:
- Issue close_status updated to: fixed
- Issue status updated to: Closed (was: Open)

2 years ago

Metadata

Assignee

slev

Tags

None

Blocking

None

Depending on

None

Priority

None

Milestone

None

affects_doc

None

source

None

knownissue

None

type

None

blockedby

None

test_case

None

component

None

blocking

None

on_review

None

keywords

None

test_coverage

None

reviewer

None

external_tracker

None

tester

None

changelog

None

design

None

rhbz

None

freeipa

Source Code

#9315 [tests] test_ipa_healthcheck_fips_enabled fails on system without fips-mode-setup Closed: fixed 2 years ago by frenaud. Opened 2 years ago by slev.

Metadata

#9315 [tests] test_ipa_healthcheck_fips_enabled fails on system without fips-mode-setup

Closed: fixed 2 years ago by frenaud. Opened 2 years ago by slev.