Merge pull request #1592 from Magisus/fips-check

(BKR-1604) Add FIPS detection method to Host

lib/beaker/host.rb

@@ -209,6 +209,20 @@ def graceful_restarts?
       graceful
     end
 
+    # Returns true if the host is running in FIPS mode.
+    #
+    # We currently only test FIPS mode on Redhat 7. Other detection
+    # modes should be added here if we expand FIPS support to other
+    # platforms.
+    def fips_mode?
+      case self['platform']
+      when /el-7/
+        execute("cat /proc/sys/crypto/fips_enabled") == "1"
+      else
+        false
+      end
+    end
+
     # Modifies the host settings to indicate that it will be using passenger service scripts,
     # (apache2) by default.  Does nothing if this is a PE host, since it is already using
     # passenger.

spec/beaker/host_spec.rb

@@ -849,5 +849,24 @@ module Beaker
         expect(host.down?).to be true
       end
     end
+
+    describe "#fips_mode?" do
+      it 'returns false on non-el7 hosts' do
+        @platform = 'windows'
+        expect(host.fips_mode?).to be false
+      end
+
+      it 'returns true when the `fips_enabled` file is present and contains "1"' do
+        @platform = 'el-7'
+        expect(host).to receive(:execute).with("cat /proc/sys/crypto/fips_enabled").and_return("1")
+        expect(host.fips_mode?).to be true
+      end
+
+      it 'returns false when the `fips_enabled` file is present and contains "0"' do
+        @platform = 'el-7'
+        expect(host).to receive(:execute).with("cat /proc/sys/crypto/fips_enabled").and_return("0")
+        expect(host.fips_mode?).to be false
+      end
+    end
   end
 end