diff --git a/schedule/sles4sap/qam/common/qam_hana_cluster_node.yaml b/schedule/sles4sap/qam/common/qam_hana_cluster_node.yaml index 472856a6590e..212cf8ae9ff0 100644 --- a/schedule/sles4sap/qam/common/qam_hana_cluster_node.yaml +++ b/schedule/sles4sap/qam/common/qam_hana_cluster_node.yaml @@ -40,6 +40,7 @@ schedule: - boot/boot_to_desktop - ha/wait_barriers - console/system_prepare + - '{{setup_fips}}' - console/consoletest_setup - console/check_os_release - console/hostname @@ -91,3 +92,7 @@ conditional_schedule: WMP: 1: - kernel/wmp_simple + setup_fips: + FIPS_INSTALLATION: + 1: + - fips/fips_setup diff --git a/schedule/sles4sap/qam/common/qam_install_sles4sap.yaml b/schedule/sles4sap/qam/common/qam_install_sles4sap.yaml index ecc01f6e3fee..5746f31a869b 100644 --- a/schedule/sles4sap/qam/common/qam_install_sles4sap.yaml +++ b/schedule/sles4sap/qam/common/qam_install_sles4sap.yaml @@ -31,6 +31,7 @@ schedule: - installation/first_boot - '{{patch_and_reboot}}' - console/system_prepare + - '{{setup_fips}}' - '{{test_sles4sap}}' - '{{scc_deregister}}' - '{{generate_image}}' @@ -120,3 +121,7 @@ conditional_schedule: - shutdown/grub_set_bootargs - shutdown/cleanup_before_shutdown - shutdown/shutdown + setup_fips: + FIPS_ENABLED: + 1: + - fips/fips_setup diff --git a/schedule/sles4sap/qam/common/qam_sles4sap_fips_mau-extratests.yaml b/schedule/sles4sap/qam/common/qam_sles4sap_fips_mau-extratests.yaml new file mode 100644 index 000000000000..78bcf6ae52e0 --- /dev/null +++ b/schedule/sles4sap/qam/common/qam_sles4sap_fips_mau-extratests.yaml @@ -0,0 +1,45 @@ +--- +name: sles4sap_mau-extratests +description: CLI extratests for SLES for SAP FIPS Vendor Affirmation +schedule: + - boot/boot_to_desktop + - fips/fips_setup + - console/prepare_test_data + - console/consoletest_setup + - sles4sap/patterns + - fips/gnutls/gnutls_base_check + - fips/openjdk/openjdk_fips + - console/curl_ipv6 + - console/wget_ipv6 + - console/ca_certificates_mozilla + - console/unzip + - console/rsync + - console/shells + - console/dstat + - console/supportutils + - console/mdadm + - console/quota + - console/vhostmd + - console/rpcbind + - console/timezone + - console/procps + - console/iotop + - console/kmod + - console/suse_module_tools + - console/aaa_base + - console/gd + - console/vsftpd + - console/coredump_collect + - console/osinfo_db + - console/ovn + - console/firewalld + - console/libgcrypt + - console/zziplib + - console/nginx + - console/sysctl + - '{{arch_specific}}' +conditional_schedule: + arch_specific15_sp4: + ARCH: + x86_64: + - console/ansible diff --git a/schedule/sles4sap/qam/common/qam_sles4sap_test.yaml b/schedule/sles4sap/qam/common/qam_sles4sap_test.yaml index 07e57bb7cd9c..e0c413d7a72d 100644 --- a/schedule/sles4sap/qam/common/qam_sles4sap_test.yaml +++ b/schedule/sles4sap/qam/common/qam_sles4sap_test.yaml @@ -8,6 +8,7 @@ vars: schedule: - boot/boot_to_desktop - console/system_prepare + - '{{setup_fips}}' - sles4sap/patterns - '{{module_to_test}}' conditional_schedule: @@ -17,3 +18,7 @@ conditional_schedule: - sles4sap/sapconf saptune: - sles4sap/saptune + setup_fips: + FIPS_INSTALLATION: + 1: + - fips/fips_setup diff --git a/schedule/sles4sap/qam/common/qam_test_hana.yaml b/schedule/sles4sap/qam/common/qam_test_hana.yaml index e314e5fd782e..cd2beba25600 100644 --- a/schedule/sles4sap/qam/common/qam_test_hana.yaml +++ b/schedule/sles4sap/qam/common/qam_test_hana.yaml @@ -13,6 +13,7 @@ vars: schedule: - boot/boot_to_desktop - console/system_prepare + - '{{setup_fips}}' - sles4sap/patterns - '{{cli_install}}' - '{{wizard_install}}' @@ -26,3 +27,7 @@ conditional_schedule: WIZARD: 1: - sles4sap/wizard_hana_install + setup_fips: + FIPS_INSTALLATION: + 1: + - fips/fips_setup diff --git a/schedule/sles4sap/qam/common/qam_test_netweaver.yaml b/schedule/sles4sap/qam/common/qam_test_netweaver.yaml index 6e34873ce07d..3d068d0c04f6 100644 --- a/schedule/sles4sap/qam/common/qam_test_netweaver.yaml +++ b/schedule/sles4sap/qam/common/qam_test_netweaver.yaml @@ -11,6 +11,12 @@ vars: schedule: - boot/boot_to_desktop - console/system_prepare + - '{{setup_fips}}' - sles4sap/patterns - sles4sap/netweaver_install - sles4sap/netweaver_test_instance +conditional_schedule: + setup_fips: + FIPS_INSTALLATION: + 1: + - fips/fips_setup diff --git a/schedule/sles4sap/qam/common/sles4sap_fips_crypt_openjdk.yaml b/schedule/sles4sap/qam/common/sles4sap_fips_crypt_openjdk.yaml new file mode 100644 index 000000000000..b75d3e27e7dc --- /dev/null +++ b/schedule/sles4sap/qam/common/sles4sap_fips_crypt_openjdk.yaml @@ -0,0 +1,12 @@ +name: sles4sap_fips_crypt_openjdk +description: > + Schedule to test crypt and openjdk in SLES for SAP. +schedule: + - boot/boot_to_desktop + - console/consoletest_setup + - fips/fips_setup + - console/gpg + - sles4sap/patterns + - fips/gnutls/gnutls_base_check + - fips/openjdk/openjdk_fips + - fips/mozilla_nss/nss_smoke diff --git a/tests/sles4sap/hana_cluster.pm b/tests/sles4sap/hana_cluster.pm index c0fd92a11337..9686bb05352c 100644 --- a/tests/sles4sap/hana_cluster.pm +++ b/tests/sles4sap/hana_cluster.pm @@ -32,6 +32,10 @@ sub hanasr_angi_hadr_providers_setup { assert_script_run "su - $sapadm -c 'sapcontrol -nr $instance_id -function StartSystem HDB'"; } +sub is_fips_scenario { + return (get_var('FIPS_INSTALLATION') || get_var('FIPS_ENABLED')); +} + sub run { my ($self) = @_; my $instance_id = get_required_var('INSTANCE_ID'); @@ -66,7 +70,7 @@ sub run { '%VIRTUAL_IP_NETMASK%' => $virtual_netmask); foreach ($node1, $node2) { - add_to_known_hosts($_); + add_to_known_hosts($_) unless is_fips_scenario; } assert_script_run "scp -qr /usr/sap/${sid}/SYS/global/security/rsecssfs/* root\@${node2}:/usr/sap/${sid}/SYS/global/security/rsecssfs/"; assert_script_run qq(su - $sapadm -c "hdbsql -u system -p $sles4sap::instance_password -i $instance_id -d SYSTEMDB \\"BACKUP DATA FOR FULL SYSTEM USING FILE ('backup')\\""), 900;