[PATCH ima-evm-utils] travis: include CentOS stream 8

[PATCH ima-evm-utils] travis: include CentOS stream 8

[Mimi Zohar]

Replace CentOS 8 with CentOS stream 8.
Use podman for both CentOS 7 & 8.

Signed-off-by: Mimi Zohar <zohar@linux.ibm.com>
---
 .travis.yml | 4 ++--
 1 file changed, 2 insertions(+), 2 deletions(-)

diff --git a/.travis.yml b/.travis.yml
index bdf78a1b12cd..0b70971a3c76 100644
--- a/.travis.yml
+++ b/.travis.yml
@@ -52,11 +52,11 @@ matrix:
           compiler: clang
 
         - os: linux
-          env: DISTRO=centos:7 TSS=tpm2-tss
+          env: DISTRO=centos:7 TSS=tpm2-tss CONTAINER=podman CONTAINER_ARGS="--runtime=/usr/bin/crun --network=host"
           compiler: gcc
 
         - os: linux
-          env: DISTRO=centos:latest TSS=tpm2-tss
+          env: REPO="quay.io/centos/" DISTRO="${REPO}centos:stream8" TSS=tpm2-tss CONTAINER=podman CONTAINER_ARGS="--runtime=/usr/bin/crun --network=host"
           compiler: clang
 
         - os: linux
-- 
2.27.0

Re: [PATCH ima-evm-utils] travis: include CentOS stream 8

[Petr Vorel]

Hi Mimi,

> Replace CentOS 8 with CentOS stream 8.
> Use podman for both CentOS 7 & 8.

Reviewed-by: Petr Vorel <pvorel@suse.cz>

What a shame that GitHub Actions cannot specify container.

Kind regards,
Petr

Re: [PATCH ima-evm-utils] travis: include CentOS stream 8

[Mimi Zohar]

On Thu, 2022-03-24 at 15:12 +0100, Petr Vorel wrote:
> Hi Mimi,
> 
> > Replace CentOS 8 with CentOS stream 8.
> > Use podman for both CentOS 7 & 8.
> 
> Reviewed-by: Petr Vorel <pvorel@suse.cz>

Thanks, Petr.  The three CI changes are now queued in next-testing.
> 
> What a shame that GitHub Actions cannot specify container.

Looking on the bright side, at least we didn't remove the travis
support.   Below are a few of the "centos:stream9" compiler warnings
and runtime errors.

Build:
evmctl.c:955:2: warning: 'RSA_free' is deprecated [-Wdeprecated-
declarations]
        RSA_free(key);

evmctl.c:1096:9: warning: 'HMAC_CTX_new' is deprecated [-Wdeprecated-
declarations]
        pctx = HMAC_CTX_new();
        ^
evmctl.c:2249:3: warning: 'SHA1_Init' is deprecated [-Wdeprecated-
declarations]
                SHA1_Init(&c);

evmctl.c:2646:16: warning: 'ENGINE_by_id' is deprecated [-Wdeprecated-
declarations]
        ENGINE *eng = ENGINE_by_id(engine_id);


Rruntime:

evmctl -v  ima_verify --key test-rsa1024.pub --xattr-user --sigfile
sha256.txt
  Failed to d2i_X509_fp key file: test-rsa1024.pub
  openssl: error:068000A8:asn1 encoding routines::wrong tag
  openssl: error:0688010A:asn1 encoding routines::nested asn1 error

sha1 (test-rsa1024.key) test is skipped (openssl is unable to sign)

evmctl -v  verify --key test-rsa1024.pub --xattr-user --rsa --uuid --
generation 0 sha256.txt
evmctl verify failed properly with (125) 

sha1 (test-prime192v1.key) test is skipped (key file not found)
- openssl dgst   -sha1 sha1.txt
sha1 (test-prime192v1.key) test is skipped (key file not found)
- openssl dgst   -sha224 sha224.txt
sha224 (test-prime192v1.key) test is skipped (key file not found)
- openssl dgst   -sha224 sha224.txt
sha224 (test-prime192v1.key) test is skipped (key file not found)
- openssl dgst   -sha256 sha256.txt
sha256 (test-prime192v1.key) test is skipped (key file not found)
- openssl dgst   -sha256 sha256.txt
sha256 (test-prime192v1.key) test is skipped (key file not found)
- openssl dgst   -sha384 sha384.txt
sha384 (test-prime192v1.key) test is skipped (key file not found)
- openssl dgst   -sha384 sha384.txt
sha384 (test-prime192v1.key) test is skipped (key file not found)
- openssl dgst   -sha512 sha512.txt
sha512 (test-prime192v1.key) test is skipped (key file not found)
- openssl dgst   -sha512 sha512.txt
sha512 (test-prime192v1.key) test is skipped (key file not found)
- openssl dgst   -sha1 sha1.txt
- openssl dgst   -sha1 -sign test-prime256v1.key -hex sha1.txt

-- 
thanks,

Mimi