test/e2e: remove FIPS test

First, creating a global file /etc/system-fips was never a good idea for testing as it affects other running tests at the same time. And as of a recent change to FIPS mounts[1] we no longer use the file so the test breaks with c/common v0.61. Instead it uses the kernel file /proc/sys/crypto/fips_enabled which requires the real fips mode to be activated and that in turn requires a reboot. As such this is not somthing that can be tested in upstream CI like that. [1] containers/common#2174 Signed-off-by: Paul Holzinger <[email protected]>
Luap99 · Nov 12, 2024 · 0a1363d · 0a1363d
1 parent 42e8322
commit 0a1363d
Showing 1 changed file with 0 additions and 15 deletions.
diff --git a/test/e2e/run_test.go b/test/e2e/run_test.go
@@ -1034,21 +1034,6 @@ echo -n madeit-$teststring >$tmpfile
 		Expect(session.OutputToString()).To(ContainSubstring("key.pem"))
 	})
 
-	It("podman run with FIPS mode secrets", func() {
-		SkipIfRootless("rootless can not manipulate system-fips file")
-		fipsFile := "/etc/system-fips"
-		err = os.WriteFile(fipsFile, []byte{}, 0755)
-		Expect(err).ToNot(HaveOccurred())
-
-		session := podmanTest.Podman([]string{"run", "--rm", ALPINE, "ls", "/run/secrets"})
-		session.WaitWithDefaultTimeout()
-		Expect(session).Should(ExitCleanly())
-		Expect(session.OutputToString()).To(ContainSubstring("system-fips"))
-
-		err = os.Remove(fipsFile)
-		Expect(err).ToNot(HaveOccurred())
-	})
-
 	It("podman run without group-add", func() {
 		session := podmanTest.Podman([]string{"run", "--rm", ALPINE, "id"})
 		session.WaitWithDefaultTimeout()