misc: add fips test #459

tormath1 · 2023-10-04T14:55:59Z

This is documented for now but not tested: https://www.flatcar.org/docs/latest/setup/security/fips/

Out of the box config is available since OpenSSL 3.0.8 for Flatcar, so the incoming Stable will work - we only exclude LTS. It does not mean that FIPS does not work on LTS, it's just that it takes extra steps to activate it.

krnowak · 2023-10-10T05:46:22Z

kola/tests/misc/fips.go

+	// It works because SHA is FIPS compliant.
+	c.MustSSH(m, "echo Flatcar | openssl sha512 -")
+
+	// Should exits with 0.


Suggested change

// Should exits with 0.

// Should exit with 0.

Signed-off-by: Mathieu Tortuyaux <mtortuyaux@microsoft.com>

tormath1 self-assigned this Oct 4, 2023

tormath1 mentioned this pull request Oct 4, 2023

fips: remove the enable-fips service flatcar-archive/flatcar-docs#339

Merged

tormath1 marked this pull request as ready for review October 4, 2023 15:04

tormath1 requested a review from a team October 4, 2023 15:04

krnowak approved these changes Oct 10, 2023

View reviewed changes

misc: add fips test

f4253bd

Signed-off-by: Mathieu Tortuyaux <mtortuyaux@microsoft.com>

tormath1 force-pushed the tormath1/fips branch from 1d1241f to f4253bd Compare October 10, 2023 08:17

krnowak approved these changes Oct 10, 2023

View reviewed changes

tormath1 merged commit a465876 into flatcar-master Oct 10, 2023
2 checks passed

tormath1 deleted the tormath1/fips branch October 10, 2023 08:31

github-actions bot mentioned this pull request Nov 9, 2023

Monthly contributions report 2023-09-22 - 2023-10-21 flatcar/Flatcar#1244

Closed

Provide feedback

Saved searches

Use saved searches to filter your results more quickly

misc: add fips test #459

misc: add fips test #459

tormath1 commented Oct 4, 2023

krnowak Oct 10, 2023

misc: add fips test #459

misc: add fips test #459

Conversation

tormath1 commented Oct 4, 2023

krnowak Oct 10, 2023

Choose a reason for hiding this comment