Add FIPS enabled scenario jobs

Add ML2/OVS and ML2/OVN tempest jobs with FIPS enabled. Right now, the FIPS jobs run on Centos 8 stream. For now those jobs are added to the experimental queue but we should think about adding them to periodic maybe. In the Wallaby backport we additionally had to disable TLS due to bug [1]. [1] https://bugs.launchpad.net/neutron/+bug/1911128 Co-Authored-By: Slawek Kaplonski <skaplons@redhat.com> Conflicts: zuul.d/project.yaml Change-Id: I974c7d04d13a87bbbd4de6164578724a2cfd85cc (cherry picked from commit a1a895a6e5)
2021-06-22 15:43:27 -04:00 · 2021-06-22 15:43:27 -04:00 · 8b71efd792
parent e480704a8c
commit 8b71efd792
2 changed files with 41 additions and 0 deletions
--- a/zuul.d/job-templates.yaml
+++ b/zuul.d/job-templates.yaml
@ -40,6 +40,8 @@
        - neutron-fullstack-with-uwsgi-fips
        - neutron-grenade-ovn
        - neutron-tempest-with-uwsgi-loki
+        - neutron-ovs-tempest-fips
+        - neutron-ovn-tempest-ovs-release-fips

 - project-template:
    name: neutron-periodic-jobs
--- a/zuul.d/tempest-singlenode.yaml
+++ b/zuul.d/tempest-singlenode.yaml
@ -457,3 +457,42 @@
    name: neutron-ovn-tempest-ovs-release
    description: Job testing for devstack/tempest testing Neutron with ovn driver and latest released OVN branch
    parent: neutron-ovn-base
+
+- job:
+    name: neutron-ovs-tempest-fips
+    parent: neutron-ovs-base
+    nodeset: devstack-single-node-centos-8-stream
+    description: |
+      Scenario testing for a FIPS enabled Centos 8 system
+    pre-run: playbooks/enable-fips.yaml
+    vars:
+      configure_swap_size: 4096
+      devstack_services:
+        br-ex-tcpdump: true
+        br-int-flows: true
+        tls-proxy: false
+      devstack_local_conf:
+        test-config:
+          "$TEMPEST_CONFIG":
+            validation:
+              ssh_key_type: 'ecdsa'
+
+
+- job:
+    name: neutron-ovn-tempest-ovs-release-fips
+    parent: neutron-ovn-tempest-ovs-release
+    nodeset: devstack-single-node-centos-8-stream
+    description: |
+      Scenario testing for a FIPS enabled Centos 8 system
+    pre-run: playbooks/enable-fips.yaml
+    vars:
+      configure_swap_size: 4096
+      devstack_local_conf:
+        test-config:
+          "$TEMPEST_CONFIG":
+            validation:
+              ssh_key_type: 'ecdsa'
+      devstack_localrc:
+        ENABLE_TLS: False
+      devstack_services:
+        tls-proxy: false