Merge pull request #1717 from trevor-vaughan/fix_fips_mode_function

Made fips_check? more generally applicable
voxpupuli · Aug 24, 2021 · 3c32c5b · 3c32c5b
2 parents e710879 + 1a6fb12
commit 3c32c5b
Show file tree

Hide file tree

Showing 2 changed files with 19 additions and 16 deletions.
diff --git a/lib/beaker/host.rb b/lib/beaker/host.rb
@@ -211,13 +211,8 @@ def graceful_restarts?
     end
 
     # Returns true if the host is running in FIPS mode.
-    #
-    # We currently only test FIPS mode on Redhat 7. Other detection
-    # modes should be added here if we expand FIPS support to other
-    # platforms.
     def fips_mode?
-      case self['platform']
-      when /el-7/
+      if self.file_exist?('/proc/sys/crypto/fips_enabled')
         begin
           execute("cat /proc/sys/crypto/fips_enabled") == "1"
         rescue Beaker::Host::CommandFailure

diff --git a/spec/beaker/host_spec.rb b/spec/beaker/host_spec.rb
@@ -832,21 +832,29 @@ module Beaker
     end
 
     describe "#fips_mode?" do
-      it 'returns false on non-el7 hosts' do
+      it 'returns false on non-linux hosts' do
         @platform = 'windows'
+        expect(host).to receive(:file_exist?).with('/proc/sys/crypto/fips_enabled').and_return(false)
         expect(host.fips_mode?).to be false
       end
 
-      it 'returns true when the `fips_enabled` file is present and contains "1"' do
-        @platform = 'el-7'
-        expect(host).to receive(:execute).with("cat /proc/sys/crypto/fips_enabled").and_return("1")
-        expect(host.fips_mode?).to be true
-      end
+      platforms = ['el-7', 'el-8', 'centos']
 
-      it 'returns false when the `fips_enabled` file is present and contains "0"' do
-        @platform = 'el-7'
-        expect(host).to receive(:execute).with("cat /proc/sys/crypto/fips_enabled").and_return("0")
-        expect(host.fips_mode?).to be false
+      platforms.each do |platform|
+        context "on #{platform}" do
+          it 'returns true when the `fips_enabled` file is present and contains "1"' do
+            @platform = platform
+            expect(host).to receive(:file_exist?).with('/proc/sys/crypto/fips_enabled').and_return(true)
+            expect(host).to receive(:execute).with("cat /proc/sys/crypto/fips_enabled").and_return("1")
+            expect(host.fips_mode?).to be true
+          end
+
+          it 'returns false when the `fips_enabled` file is present and contains "0"' do
+            @platform = platform
+            expect(host).to receive(:execute).with("cat /proc/sys/crypto/fips_enabled").and_return("0")
+            expect(host.fips_mode?).to be false
+          end
+        end
       end
     end
   end