Add FIPS enable multinode job definition
This patch adds a new multinode job definition that enables FIPS mode prior to multinode configuration. In order to enable FIPS mode, the OS boot procedure need to be changed to enable the appropriate kernel flag. This modification has effect only after system reboot. The default behavior of this job is to always enable FIPS mode. Change-Id: I6f1365837d9ed2ba82c391a20f9094c9ef0e6c4e Signed-off-by: Douglas Viroel <dviroel@redhat.com>
This commit is contained in:
parent
d5e4d55c15
commit
9107f3ee7d
@ -6,6 +6,7 @@ General Purpose Jobs
|
|||||||
.. zuul:autojob:: unittests
|
.. zuul:autojob:: unittests
|
||||||
.. zuul:autojob:: markdownlint
|
.. zuul:autojob:: markdownlint
|
||||||
.. zuul:autojob:: multinode
|
.. zuul:autojob:: multinode
|
||||||
|
.. zuul:autojob:: multinode-fips
|
||||||
.. zuul:autojob:: run-test-command
|
.. zuul:autojob:: run-test-command
|
||||||
.. zuul:autojob:: shake-build
|
.. zuul:autojob:: shake-build
|
||||||
.. zuul:autojob:: upload-git-mirror
|
.. zuul:autojob:: upload-git-mirror
|
||||||
|
9
playbooks/enable-fips/pre.yaml
Normal file
9
playbooks/enable-fips/pre.yaml
Normal file
@ -0,0 +1,9 @@
|
|||||||
|
- name: Enable FIPS mode
|
||||||
|
hosts: all
|
||||||
|
tasks:
|
||||||
|
# Enabling FIPS mode requires changes in boot procedure to provide the
|
||||||
|
# appropriate kernel flag. The change has effect only after system reboot.
|
||||||
|
- name: Enable FIPS mode and reboot node
|
||||||
|
include_role:
|
||||||
|
name: enable-fips
|
||||||
|
when: enable_fips | default(true)
|
@ -25,6 +25,16 @@
|
|||||||
overlay networks and setting up known-hosts and ssh keys
|
overlay networks and setting up known-hosts and ssh keys
|
||||||
pre-run: playbooks/multinode/pre.yaml
|
pre-run: playbooks/multinode/pre.yaml
|
||||||
|
|
||||||
|
- job:
|
||||||
|
name: multinode-fips
|
||||||
|
abstract: true
|
||||||
|
description: |
|
||||||
|
Enable fips and do the setup needed for multi-node jobs such as setting
|
||||||
|
up overlay networks and setting up known-hosts and ssh keys
|
||||||
|
pre-run:
|
||||||
|
- playbooks/enable-fips/pre.yaml
|
||||||
|
- playbooks/multinode/pre.yaml
|
||||||
|
|
||||||
- job:
|
- job:
|
||||||
name: run-test-command
|
name: run-test-command
|
||||||
parent: unittests
|
parent: unittests
|
||||||
|
Loading…
Reference in New Issue
Block a user