[Enhancement] Add FIPS enabled docker to test digest/signature correctly #2119

peterzhuamazon · 2022-05-13T13:59:42Z

After #2099 closed we now have these setups for rpm:

This requires us to generate the RPM on rpm 4.12+ available machine, and #2113 fix that one already.

Next step is to add testing once the signing workflow is updated to be able to sign staging RPMs.

We need:

Exchange the RPM validation docker image from centos7 to a rockylinux8 based FIPS enabled machine, require new dockerfile and more research on how to enable FIPS on a docker image
Add test cases in RPM validation for these checks with rpm -K -v <>.

Thanks.

The text was updated successfully, but these errors were encountered:

peterzhuamazon · 2022-05-17T00:16:15Z

peterzhuamazon · 2022-06-07T17:13:05Z

Realize that non-FIPS enabled machine can also check digests as long as it is on a FIPS-capable machine like Rockylinux8.
Close this.

peterzhuamazon added enhancement New Enhancement cicd jenkins Jenkins related issue rpm labels May 13, 2022

peterzhuamazon mentioned this issue May 13, 2022

[RPM M6] Validate package signing/checkout #1556

Open

peterzhuamazon self-assigned this May 17, 2022

peterzhuamazon mentioned this issue May 17, 2022

[RELEASE] Release version 2.0.0 #2086

Closed

46 tasks

peterzhuamazon closed this as completed Jun 7, 2022

Provide feedback