SatelliteQE · Gauravtalreja1 · Dec 20, 2024 · Dec 24, 2024 · Dec 30, 2024
@@ -72,6 +72,11 @@ def module_vmware_hostgroup(
         subnet=module_provisioning_sat.subnet,
         pxe_loader=pxe_loader.pxe_loader,
         group_parameters_attributes=[
+            {
+                'name': 'remote_execution_connect_by_ip',
+                'parameter_type': 'boolean',
+                'value': 'true',
+            },
             # assign AK in order the hosts to be subscribed
             {
                 'name': 'kt_activation_keys',

@@ -17,22 +17,24 @@
 from wrapanapi.systems.virtualcenter import VMWareVirtualMachine
 
 from robottelo.config import settings
+from robottelo.hosts import ContentHost
 
 
 @pytest.mark.e2e
 @pytest.mark.on_premises_provisioning
 @pytest.mark.parametrize('setting_update', ['destroy_vm_on_host_delete=True'], indirect=True)
 @pytest.mark.parametrize('vmware', ['vmware7', 'vmware8'], indirect=True)
-@pytest.mark.parametrize('pxe_loader', ['bios', 'uefi'], indirect=True)
+@pytest.mark.parametrize('pxe_loader', ['bios', 'uefi', 'secureboot'], indirect=True)
 @pytest.mark.parametrize('provision_method', ['build', 'bootdisk'])
-@pytest.mark.rhel_ver_match('[8]')
+@pytest.mark.rhel_ver_list('[9, 10]')
 def test_positive_provision_end_to_end(
     request,
     setting_update,
     module_provisioning_rhel_content,
     module_provisioning_sat,
     module_sca_manifest_org,
     module_location,
+    module_ssh_key_file,
     pxe_loader,
     module_vmware_cr,
     module_vmware_hostgroup,
@@ -46,7 +48,6 @@ def test_positive_provision_end_to_end(
     :id: 6985e7c0-d258-4fc4-833b-e680804b55e8
 
     :steps:
-
         1. Configure provisioning setup.
         2. Create VMware CR
         3. Configure host group setup.
@@ -57,13 +58,11 @@ def test_positive_provision_end_to_end(
 
     :CaseImportance: Critical
 
-    :Verifies: SAT-23417, SAT-23558
+    :Verifies: SAT-18721, SAT-23558, SAT-25810
 
     :customerscenario: true
 
     :BZ: 2186114
-
-    :verifies: SAT-18721
     """
     sat = module_provisioning_sat.sat
     name = gen_string('alpha').lower()
@@ -78,10 +77,10 @@ def test_positive_provision_end_to_end(
             'path': '/Datacenters/SatQE-Datacenter/vm/',
             'cpus': 2,
             'memory_mb': 6000,
-            'firmware': 'bios' if pxe_loader.vm_firmware == 'bios' else 'efi',
-            'cluster': f'{settings.vmware.cluster}',
+            'firmware': pxe_loader.vm_firmware,
+            'cluster': settings.vmware.cluster,
             'start': '1',
-            'guest_id': 'rhel8_64Guest',
+            'guest_id': 'rhel9_64Guest',
             'scsi_controllers': [{'type': 'ParaVirtualSCSIController', 'key': 1001}],
             'nvme_controllers': [{'type': 'VirtualNVMEController', 'key': 2001}],
             'volumes_attributes': {
@@ -126,6 +125,21 @@ def test_positive_provision_end_to_end(
     )
     assert host.read().build_status_label == 'Installed'
 
+    # Verify SecureBoot is enabled on host after provisioning is completed sucessfully
+    if pxe_loader.vm_firmware == 'uefi_secure_boot':
+        provisioning_host = ContentHost(host.ip, auth=module_ssh_key_file)
+        # Wait for the host to be rebooted and SSH daemon to be started.
+        provisioning_host.wait_for_connection()
+        # Enable Root Login
+        if int(host.operatingsystem.read().major) >= 9:
+            assert (
+                provisioning_host.execute(
+                    'echo -e "\nPermitRootLogin yes" >> /etc/ssh/sshd_config; systemctl restart sshd'
+                ).status
+                == 0
+            )
+        assert 'SecureBoot enabled' in provisioning_host.execute('mokutil --sb-state').stdout
+
 
 @pytest.mark.on_premises_provisioning
 @pytest.mark.parametrize('module_provisioning_sat', ['discovery'], indirect=True)

@@ -17,6 +17,7 @@
 
 from robottelo.config import settings
 from robottelo.constants import FOREMAN_PROVIDERS
+from robottelo.hosts import ContentHost
 
 
 @pytest.mark.tier1
@@ -78,9 +79,9 @@ def test_positive_vmware_cr_end_to_end(target_sat, module_org, module_location,
 @pytest.mark.on_premises_provisioning
 @pytest.mark.parametrize('setting_update', ['destroy_vm_on_host_delete=True'], indirect=True)
 @pytest.mark.parametrize('vmware', ['vmware7', 'vmware8'], indirect=True)
-@pytest.mark.parametrize('pxe_loader', ['bios', 'uefi'], indirect=True)
+@pytest.mark.parametrize('pxe_loader', ['bios', 'uefi', 'secureboot'], indirect=True)
 @pytest.mark.parametrize('provision_method', ['build', 'bootdisk'])
-@pytest.mark.rhel_ver_match(r'^(?!.*fips).*$')
+@pytest.mark.rhel_ver_match('[7]')
 @pytest.mark.tier3
 def test_positive_provision_end_to_end(
     request,
@@ -101,7 +102,6 @@ def test_positive_provision_end_to_end(
     :id: ff9963fc-a2a7-4392-aa9a-190d5d1c8357
 
     :steps:
-
         1. Configure provisioning setup.
         2. Create VMware CR
         3. Configure host group setup.
@@ -110,7 +110,7 @@ def test_positive_provision_end_to_end(
 
     :expectedresults: Host is provisioned succesfully with hostgroup
 
-    :CaseAutomation: Automated
+    :Verifies: SAT-25810
     """
     sat = module_provisioning_sat.sat
     hostname = gen_string('alpha').lower()
@@ -126,7 +126,7 @@ def test_positive_provision_end_to_end(
             'compute-attributes': f'cluster={settings.vmware.cluster},'
             f'path=/Datacenters/{settings.vmware.datacenter}/vm/,'
             'scsi_controller_type=VirtualLsiLogicController,'
-            'guest_id=rhel8_64Guest,firmware=automatic,'
+            f'guest_id=rhel7_64Guest,firmware={pxe_loader.vm_firmware},'
             'cpus=1,memory_mb=6000, start=1',
             'interface': f'compute_type=VirtualVmxnet3,'
             f'compute_network=VLAN {settings.provisioning.vlan_id}',
@@ -150,6 +150,13 @@ def test_positive_provision_end_to_end(
     host_info = sat.cli.Host.info({'id': host['id']})
     assert host_info['status']['build-status'] == 'Installed'
 
+    # Verify SecureBoot is enabled on host after provisioning is completed sucessfully
+    if pxe_loader.vm_firmware == 'uefi_secure_boot':
+        provisioning_host = ContentHost(host_info['network']['ipv4-address'])
+        # Wait for the host to be rebooted and SSH daemon to be started.
+        provisioning_host.wait_for_connection()
+        assert 'SecureBoot enabled' in provisioning_host.execute('mokutil --sb-state').stdout
+
 
 @pytest.mark.e2e
 @pytest.mark.on_premises_provisioning
@@ -190,10 +197,6 @@ def test_positive_image_provision_end_to_end(
     """
     sat = module_provisioning_sat.sat
     hostname = gen_string('alpha').lower()
-    module_vmware_hostgroup.group_parameters_attributes = [
-        {'name': 'package_upgrade', 'value': 'false', 'parameter_type': 'boolean'}
-    ]
-    module_vmware_hostgroup.update(['group_parameters_attributes'])
     host = sat.cli.Host.create(
         {
             'name': hostname,

@@ -326,7 +326,7 @@ def test_positive_vmware_custom_profile_end_to_end(
     cpus = ['2', '4', '6']
     vm_memory = ['4000', '6000', '8000']
     annotation_notes = gen_string('alpha')
-    firmware_type = ['Automatic', 'BIOS', 'EFI']
+    firmware_type = ['Automatic', 'BIOS', 'UEFI', 'UEFI Secure Boot']
     resource_pool = VMWARE_CONSTANTS['pool']
     folder = VMWARE_CONSTANTS['folder']
     virtual_hw_version = VMWARE_CONSTANTS['virtualhw_version']
@@ -554,19 +554,14 @@ def test_positive_virt_card(session, target_sat, module_location, module_org, vm
 
 @pytest.mark.e2e
 @pytest.mark.on_premises_provisioning
-@pytest.mark.parametrize(
-    'setting_update',
-    ['remote_execution_connect_by_ip=True', 'destroy_vm_on_host_delete=True'],
-    indirect=True,
-)
-@pytest.mark.parametrize('pxe_loader', ['bios', 'uefi'], indirect=True)
+@pytest.mark.parametrize('setting_update', ['destroy_vm_on_host_delete=True'], indirect=True)
+@pytest.mark.parametrize('pxe_loader', ['bios', 'uefi', 'secureboot'], indirect=True)
 @pytest.mark.parametrize('provision_method', ['build'])
 @pytest.mark.rhel_ver_match('[8]')
 @pytest.mark.tier3
 def test_positive_provision_end_to_end(
     request,
     module_sca_manifest_org,
-    module_location,
     pxe_loader,
     module_vmware_cr,
     module_vmware_hostgroup,
@@ -593,13 +588,13 @@ def test_positive_provision_end_to_end(
 
     :BZ: 2025523
 
-    :Verifies: SAT-24780
+    :Verifies: SAT-24780, SAT-25810
 
     :customerscenario: true
     """
     SELECTED_ROLE = 'theforeman.foreman_scap_client'
     host_name = gen_string('alpha').lower()
-    guest_os_names = 'Red Hat Enterprise Linux 8 (64 bit)'
+    guest_os_names = 'Red Hat Enterprise Linux 9 (64 bit)'
     storage_data = {'storage': {'disks': [{'data_store': get_vmware_datastore_summary_string}]}}
     network_data = {
         'network_interfaces': {
@@ -608,10 +603,8 @@ def test_positive_provision_end_to_end(
         }
     }
     with target_sat.ui_session() as session:
-        session.ansibleroles.import_all_roles()
-        assert session.ansibleroles.import_all_roles() == session.ansibleroles.imported_roles_count
-        session.location.select(module_location.name)
         session.organization.select(module_sca_manifest_org.name)
+        session.ansibleroles.import_all_roles()
         session.hostgroup.assign_role_to_hostgroup(
             module_vmware_hostgroup.name, {'ansible_roles.resources': SELECTED_ROLE}
         )
@@ -653,6 +646,14 @@ def test_positive_provision_end_to_end(
         assert values['Build']['Status'] == 'Installed'
         assert values['Execution']['Status'] == 'Last execution succeeded'
 
+        # Verify SecureBoot is enabled on host after provisioning is completed sucessfully
+        if pxe_loader.vm_firmware == 'uefi_secure_boot':
+            host = target_sat.api.Host().search(query={'host': host_name})[0].read()
+            provisioning_host = ContentHost(host.ip)
+            # Wait for the host to be rebooted and SSH daemon to be started.
+            provisioning_host.wait_for_connection()
+            assert 'SecureBoot enabled' in provisioning_host.execute('mokutil --sb-state').stdout
+
         # Verify if assigned role is executed on the host, and correct host passwd is set
         host = ContentHost(target_sat.api.Host().search(query={'host': host_name})[0].read().ip)
         assert host.execute('yum list installed rubygem-foreman_scap_client').status == 0