Skip to content

tuftool: add manual testing steps for FIPS tuf repos #875

New issue

Have a question about this project? Sign up for a free GitHub account to open an issue and contact its maintainers and the community.

Sign up for GitHub

By clicking “Sign up for GitHub”, you agree to our terms of service and privacy statement. We’ll occasionally send you account related emails.

Already on GitHub? Sign in to your account

Jump to bottom
Open
wants to merge 1 commit into
base: develop
Choose a base branch
from
Open

tuftool: add manual testing steps for FIPS tuf repos #875

wants to merge 1 commit into from

Conversation

ginglis13
Copy link
Contributor

Issue #, if available:

Related: #866

Description of changes:

Add instructions and resources for manually testing tuftool's FIPS feature to allow for easily repeatable testing. The instructions walk through creating a local TUF repo, serving the TUF repo via a Docker container, and downloading the repo via tuftool.

Testing:

Ran the testing instructions on a clean checkout of tough

By submitting this pull request, I confirm that you can use, modify, copy, and redistribute this contribution, under the terms of your choice.

sam-berning
sam-berning approved these changes May 6, 2025
View reviewed changes
Copy link
Contributor

@sam-berning sam-berning left a comment

Choose a reason for hiding this comment

The reason will be displayed to describe this comment to others. Learn more.

Nice work! Ran the tests and the runbook was super easy to follow.

@ginglis13 ginglis13 force-pushed the fips-manual-testing-steps branch from 57778fc to 83e684b Compare May 7, 2025 17:31
arnaldo2792
arnaldo2792 requested changes May 19, 2025
View reviewed changes
@ginglis13 ginglis13 force-pushed the fips-manual-testing-steps branch from 83e684b to 3a28ce4 Compare May 27, 2025 17:52
@ginglis13
Copy link
Contributor Author

^ force push uses local keys instead of relying on KMS

@ginglis13 ginglis13 requested a review from arnaldo2792 May 27, 2025 21:43
arnaldo2792
arnaldo2792 reviewed May 28, 2025
View reviewed changes
@ginglis13 ginglis13 force-pushed the fips-manual-testing-steps branch 2 times, most recently from 6f49bfd to 73180c8 Compare May 28, 2025 16:45
@ginglis13
Copy link
Contributor Author

^ force push runs containers in detached mode with steps to stop them by name, logs nginx errors to stdout

@ginglis13 ginglis13 requested a review from arnaldo2792 May 28, 2025 17:58
arnaldo2792
arnaldo2792 approved these changes Jun 3, 2025
View reviewed changes
@ginglis13
tuftool: add manual testing steps for FIPS tuf repos
a75bd17 
Add instructions and resources for manually testing tuftool's FIPS
feature to allow for easily repeatable testing. The instructions walk
through creating a local TUF repo, serving the TUF repo via a Docker
container, and downloading the repo via tuftool.

Signed-off-by: Gavin Inglis <giinglis@amazon.com>
@ginglis13 ginglis13 force-pushed the fips-manual-testing-steps branch from 73180c8 to a75bd17 Compare June 3, 2025 17:26
@ginglis13
Copy link
Contributor Author

^ force push writes access logs to stdout per @arnaldo2792 feedback

Sign up for free to join this conversation on GitHub. Already have an account? Sign in to comment
Reviewers

@arnaldo2792 arnaldo2792 arnaldo2792 approved these changes

@sam-berning sam-berning sam-berning approved these changes

@cbgbt cbgbt Awaiting requested review from cbgbt

Assignees
No one assigned
Labels
None yet
Projects
None yet
Milestone
No milestone
Development

Successfully merging this pull request may close these issues.
3 participants
@ginglis13 @arnaldo2792 @sam-berning