From 57afb7514d5c123779601cae77d016bf6de8a5f1 Mon Sep 17 00:00:00 2001
From: umohnani8 <umohnani@redhat.com>
Date: Thu, 19 Apr 2018 10:25:01 -0400
Subject: Add FIPS mode secret

If the host is in FIPS mode and /etc/system-fips exists
/run/secrets/system-fips is created in the container so that
the container can run in FIPS mode as well.

Signed-off-by: umohnani8 <umohnani@redhat.com>
---
 test/e2e/run_test.go | 14 ++++++++++++++
 1 file changed, 14 insertions(+)

(limited to 'test/e2e')

diff --git a/test/e2e/run_test.go b/test/e2e/run_test.go
index 66e5791a7..501434852 100644
--- a/test/e2e/run_test.go
+++ b/test/e2e/run_test.go
@@ -302,6 +302,20 @@ var _ = Describe("Podman run", func() {
 		Expect(err).To(BeNil())
 	})
 
+	It("podman run with FIPS mode secrets", func() {
+		fipsFile := "/etc/system-fips"
+		err = ioutil.WriteFile(fipsFile, []byte{}, 0755)
+		Expect(err).To(BeNil())
+
+		session := podmanTest.Podman([]string{"run", "--rm", ALPINE, "ls", "/run/secrets"})
+		session.WaitWithDefaultTimeout()
+		Expect(session.ExitCode()).To(Equal(0))
+		Expect(session.OutputToString()).To(ContainSubstring("system-fips"))
+
+		err = os.Remove(fipsFile)
+		Expect(err).To(BeNil())
+	})
+
 	It("podman run without group-add", func() {
 		session := podmanTest.Podman([]string{"run", "--rm", ALPINE, "id"})
 		session.WaitWithDefaultTimeout()
-- 
cgit v1.2.3-54-g00ecf