)]}'
{"/COMMIT_MSG":[{"author":{"_account_id":4571,"name":"Steve Baker","email":"sbaker@redhat.com","username":"steve-stevebaker"},"change_message_id":"1d7862520cfde77033c1c765500fb52ae70c1c6d","unresolved":true,"context_lines":[{"line_number":6,"context_line":""},{"line_number":7,"context_line":"Add a FIPS element"},{"line_number":8,"context_line":""},{"line_number":9,"context_line":"Adds an element whose prupose is to set the stage"},{"line_number":10,"context_line":"in the resulting image so that a user can generate an"},{"line_number":11,"context_line":"image utilizing DIB which can be used in a FIPS"},{"line_number":12,"context_line":"configuration without doing so with the input image"}],"source_content_type":"text/x-gerrit-commit-message","patch_set":1,"id":"b4e10b49_1e3c2c46","line":9,"range":{"start_line":9,"start_character":22,"end_line":9,"end_character":29},"updated":"2023-03-15 19:58:35.000000000","message":"purpose","commit_id":"443d72b63897d9f885f579e960db88b76f0d2913"},{"author":{"_account_id":4571,"name":"Steve Baker","email":"sbaker@redhat.com","username":"steve-stevebaker"},"change_message_id":"c166510e3da7c984385f5b3f68c8f9321d442985","unresolved":false,"context_lines":[{"line_number":6,"context_line":""},{"line_number":7,"context_line":"Add a FIPS element"},{"line_number":8,"context_line":""},{"line_number":9,"context_line":"Adds an element whose prupose is to set the stage"},{"line_number":10,"context_line":"in the resulting image so that a user can generate an"},{"line_number":11,"context_line":"image utilizing DIB which can be used in a FIPS"},{"line_number":12,"context_line":"configuration without doing so with the input image"}],"source_content_type":"text/x-gerrit-commit-message","patch_set":1,"id":"2410eec5_903ff6d6","line":9,"range":{"start_line":9,"start_character":22,"end_line":9,"end_character":29},"in_reply_to":"b4e10b49_1e3c2c46","updated":"2023-03-15 21:17:16.000000000","message":"Done","commit_id":"443d72b63897d9f885f579e960db88b76f0d2913"}],"/PATCHSET_LEVEL":[{"author":{"_account_id":11655,"name":"Julia Kreger","email":"juliaashleykreger@gmail.com","username":"jkreger","status":"Flying to the moon with a Jetpack!"},"change_message_id":"4acc2750c1c9e9f5e4503e2d59377884e63962c5","unresolved":false,"context_lines":[],"source_content_type":"","patch_set":1,"id":"8a7a350b_48874f5e","updated":"2023-03-15 18:01:20.000000000","message":"Adding steve since I mentioned I might do this yesterday.","commit_id":"443d72b63897d9f885f579e960db88b76f0d2913"},{"author":{"_account_id":4571,"name":"Steve Baker","email":"sbaker@redhat.com","username":"steve-stevebaker"},"change_message_id":"c166510e3da7c984385f5b3f68c8f9321d442985","unresolved":false,"context_lines":[],"source_content_type":"","patch_set":2,"id":"7e90982b_91bcd05a","updated":"2023-03-15 21:17:16.000000000","message":"Looks good, some feedback from Ade would be welcome","commit_id":"8d3f494fd328e4b57a14cfc130e6292b4f660b1e"}],"diskimage_builder/elements/bootloader/finalise.d/50-bootloader":[{"author":{"_account_id":7118,"name":"Ian Wienand","email":"iwienand@redhat.com","username":"iwienand"},"change_message_id":"ca3fa6309393d626db373bec45e3fde255d150ce","unresolved":true,"context_lines":[{"line_number":129,"context_line":"    set -e"},{"line_number":130,"context_line":"    if [ $is_fips_enabled -eq 1 ]; then"},{"line_number":131,"context_line":"        BOOT_FIPS\u003d\"fips\u003d1\""},{"line_number":132,"context_line":"    fi"},{"line_number":133,"context_line":"fi"},{"line_number":134,"context_line":""},{"line_number":135,"context_line":""}],"source_content_type":"application/x-shellscript","patch_set":3,"id":"02422923_36452966","line":132,"updated":"2023-03-22 05:34:35.000000000","message":"I think in other places we\u0027ve done something more like\n\n fips-mode-setup --is-enabled \u0026\u0026 rc\u003d? || rc\u003d?\n if [[ ${rc} -ne 0 ]]; then\n   BOOT_FIPS\u003d\"fips\u003d1\"\n fi\n \ni guess it doesn\u0027t make any difference but it is a bit shorter","commit_id":"c21795607988c3546d7faf3f705661cd8d39bba3"}],"diskimage_builder/elements/fips/pre-install.d/01-setup-fips":[{"author":{"_account_id":4571,"name":"Steve Baker","email":"sbaker@redhat.com","username":"steve-stevebaker"},"change_message_id":"1d7862520cfde77033c1c765500fb52ae70c1c6d","unresolved":true,"context_lines":[{"line_number":25,"context_line":"    exit 1"},{"line_number":26,"context_line":"else"},{"line_number":27,"context_line":"    # This command exists in Centos, Fedora, Rocky, and Debian"},{"line_number":28,"context_line":"    # and is referened in documentation and posts about how to setup FIPS."},{"line_number":29,"context_line":"    echo \"Attempting to setup FIPS mode utilizing the fips-mode-setup command.\" "},{"line_number":30,"context_line":"    fips-mode-setup --enable"},{"line_number":31,"context_line":"    echo \"FIPS mode setup completed, please remember this only applies to a\""}],"source_content_type":"application/x-shellscript","patch_set":1,"id":"c1a060ab_13a73025","line":28,"range":{"start_line":28,"start_character":13,"end_line":28,"end_character":22},"updated":"2023-03-15 19:58:35.000000000","message":"referenced","commit_id":"443d72b63897d9f885f579e960db88b76f0d2913"},{"author":{"_account_id":4571,"name":"Steve Baker","email":"sbaker@redhat.com","username":"steve-stevebaker"},"change_message_id":"c166510e3da7c984385f5b3f68c8f9321d442985","unresolved":false,"context_lines":[{"line_number":25,"context_line":"    exit 1"},{"line_number":26,"context_line":"else"},{"line_number":27,"context_line":"    # This command exists in Centos, Fedora, Rocky, and Debian"},{"line_number":28,"context_line":"    # and is referened in documentation and posts about how to setup FIPS."},{"line_number":29,"context_line":"    echo \"Attempting to setup FIPS mode utilizing the fips-mode-setup command.\" "},{"line_number":30,"context_line":"    fips-mode-setup --enable"},{"line_number":31,"context_line":"    echo \"FIPS mode setup completed, please remember this only applies to a\""}],"source_content_type":"application/x-shellscript","patch_set":1,"id":"400dae60_0f448c11","line":28,"range":{"start_line":28,"start_character":13,"end_line":28,"end_character":22},"in_reply_to":"c1a060ab_13a73025","updated":"2023-03-15 21:17:16.000000000","message":"Done","commit_id":"443d72b63897d9f885f579e960db88b76f0d2913"},{"author":{"_account_id":11655,"name":"Julia Kreger","email":"juliaashleykreger@gmail.com","username":"jkreger","status":"Flying to the moon with a Jetpack!"},"change_message_id":"2deaf89d6bf17acf1b8b836cfdae4c2bd31605f7","unresolved":true,"context_lines":[{"line_number":26,"context_line":"else"},{"line_number":27,"context_line":"    # This command exists in Centos, Fedora, Rocky, and Debian"},{"line_number":28,"context_line":"    # and is referened in documentation and posts about how to setup FIPS."},{"line_number":29,"context_line":"    echo \"Attempting to setup FIPS mode utilizing the fips-mode-setup command.\" "},{"line_number":30,"context_line":"    fips-mode-setup --enable"},{"line_number":31,"context_line":"    echo \"FIPS mode setup completed, please remember this only applies to a\""},{"line_number":32,"context_line":"    echo \"running operating system nor implies the certification state of the\""}],"source_content_type":"application/x-shellscript","patch_set":1,"id":"39458152_a6c6f027","line":29,"updated":"2023-03-15 18:36:32.000000000","message":"ugh, didn\u0027t spot this excess space","commit_id":"443d72b63897d9f885f579e960db88b76f0d2913"},{"author":{"_account_id":4571,"name":"Steve Baker","email":"sbaker@redhat.com","username":"steve-stevebaker"},"change_message_id":"c166510e3da7c984385f5b3f68c8f9321d442985","unresolved":false,"context_lines":[{"line_number":26,"context_line":"else"},{"line_number":27,"context_line":"    # This command exists in Centos, Fedora, Rocky, and Debian"},{"line_number":28,"context_line":"    # and is referened in documentation and posts about how to setup FIPS."},{"line_number":29,"context_line":"    echo \"Attempting to setup FIPS mode utilizing the fips-mode-setup command.\" "},{"line_number":30,"context_line":"    fips-mode-setup --enable"},{"line_number":31,"context_line":"    echo \"FIPS mode setup completed, please remember this only applies to a\""},{"line_number":32,"context_line":"    echo \"running operating system nor implies the certification state of the\""}],"source_content_type":"application/x-shellscript","patch_set":1,"id":"24aab7fd_ca2d179f","line":29,"in_reply_to":"39458152_a6c6f027","updated":"2023-03-15 21:17:16.000000000","message":"Done","commit_id":"443d72b63897d9f885f579e960db88b76f0d2913"},{"author":{"_account_id":11655,"name":"Julia Kreger","email":"juliaashleykreger@gmail.com","username":"jkreger","status":"Flying to the moon with a Jetpack!"},"change_message_id":"2deaf89d6bf17acf1b8b836cfdae4c2bd31605f7","unresolved":true,"context_lines":[{"line_number":27,"context_line":"    # This command exists in Centos, Fedora, Rocky, and Debian"},{"line_number":28,"context_line":"    # and is referened in documentation and posts about how to setup FIPS."},{"line_number":29,"context_line":"    echo \"Attempting to setup FIPS mode utilizing the fips-mode-setup command.\" "},{"line_number":30,"context_line":"    fips-mode-setup --enable"},{"line_number":31,"context_line":"    echo \"FIPS mode setup completed, please remember this only applies to a\""},{"line_number":32,"context_line":"    echo \"running operating system nor implies the certification state of the\""},{"line_number":33,"context_line":"    echo \"resulting running operating system.\""}],"source_content_type":"application/x-shellscript","patch_set":1,"id":"c5a495b9_ea371147","line":30,"updated":"2023-03-15 18:36:32.000000000","message":"so here is a new one: with Rocky.\n\n2023-03-15 18:27:04.842 | + fips-mode-setup --enable\n2023-03-15 18:27:05.038 | Setting system policy to FIPS\n2023-03-15 18:27:05.038 | Note: System-wide crypto policies are applied on application start-up.\n2023-03-15 18:27:05.038 | It is recommended to restart the system for the change of policies\n2023-03-15 18:27:05.038 | to fully take place.\n2023-03-15 18:27:05.047 | df: /boot: No such file or directory\n2023-03-15 18:27:05.052 | Boot device not identified, you have to configure the bootloader manually.\n2023-03-15 18:27:05.053 | FIPS mode will be enabled.\n2023-03-15 18:27:05.053 | Now you need to configure the bootloader to add kernel options \"fips\u003d1 boot\u003dUUID\u003d\u003cyour-boot-device-uuid\u003e\"\n2023-03-15 18:27:05.053 | and reboot the system for the setting to take effect.\n2023-03-15 18:27:05.054 | + echo \u0027FIPS mode setup completed, please remember this only applies to a\u0027\n2023-03-15 18:27:05.054 | FIPS mode setup completed, please remember this only applies to a\n2023-03-15 18:27:05.054 | + echo \u0027running operating system nor implies the certification state of the\u0027\n2023-03-15 18:27:05.054 | running operating system nor implies the certification state of the","commit_id":"443d72b63897d9f885f579e960db88b76f0d2913"},{"author":{"_account_id":4571,"name":"Steve Baker","email":"sbaker@redhat.com","username":"steve-stevebaker"},"change_message_id":"c166510e3da7c984385f5b3f68c8f9321d442985","unresolved":false,"context_lines":[{"line_number":27,"context_line":"    # This command exists in Centos, Fedora, Rocky, and Debian"},{"line_number":28,"context_line":"    # and is referened in documentation and posts about how to setup FIPS."},{"line_number":29,"context_line":"    echo \"Attempting to setup FIPS mode utilizing the fips-mode-setup command.\" "},{"line_number":30,"context_line":"    fips-mode-setup --enable"},{"line_number":31,"context_line":"    echo \"FIPS mode setup completed, please remember this only applies to a\""},{"line_number":32,"context_line":"    echo \"running operating system nor implies the certification state of the\""},{"line_number":33,"context_line":"    echo \"resulting running operating system.\""}],"source_content_type":"application/x-shellscript","patch_set":1,"id":"573ce13a_fb7ff7b2","line":30,"in_reply_to":"77140413_d134c56e","updated":"2023-03-15 21:17:16.000000000","message":"Done","commit_id":"443d72b63897d9f885f579e960db88b76f0d2913"},{"author":{"_account_id":11655,"name":"Julia Kreger","email":"juliaashleykreger@gmail.com","username":"jkreger","status":"Flying to the moon with a Jetpack!"},"change_message_id":"e58bbfdc48528a849ee44c20d7c5aac04a7c3aeb","unresolved":false,"context_lines":[{"line_number":27,"context_line":"    # This command exists in Centos, Fedora, Rocky, and Debian"},{"line_number":28,"context_line":"    # and is referened in documentation and posts about how to setup FIPS."},{"line_number":29,"context_line":"    echo \"Attempting to setup FIPS mode utilizing the fips-mode-setup command.\" "},{"line_number":30,"context_line":"    fips-mode-setup --enable"},{"line_number":31,"context_line":"    echo \"FIPS mode setup completed, please remember this only applies to a\""},{"line_number":32,"context_line":"    echo \"running operating system nor implies the certification state of the\""},{"line_number":33,"context_line":"    echo \"resulting running operating system.\""}],"source_content_type":"application/x-shellscript","patch_set":1,"id":"c0922d5d_046ef512","line":30,"in_reply_to":"77140413_d134c56e","updated":"2023-03-15 23:03:00.000000000","message":"Policy needs to be in place first before apps really get installed. *but* reconciling it makes sense. And also sort of addresses the fact rocky linux and others might skip things after the fact depending on their state.","commit_id":"443d72b63897d9f885f579e960db88b76f0d2913"},{"author":{"_account_id":4571,"name":"Steve Baker","email":"sbaker@redhat.com","username":"steve-stevebaker"},"change_message_id":"1d7862520cfde77033c1c765500fb52ae70c1c6d","unresolved":true,"context_lines":[{"line_number":27,"context_line":"    # This command exists in Centos, Fedora, Rocky, and Debian"},{"line_number":28,"context_line":"    # and is referened in documentation and posts about how to setup FIPS."},{"line_number":29,"context_line":"    echo \"Attempting to setup FIPS mode utilizing the fips-mode-setup command.\" "},{"line_number":30,"context_line":"    fips-mode-setup --enable"},{"line_number":31,"context_line":"    echo \"FIPS mode setup completed, please remember this only applies to a\""},{"line_number":32,"context_line":"    echo \"running operating system nor implies the certification state of the\""},{"line_number":33,"context_line":"    echo \"resulting running operating system.\""}],"source_content_type":"application/x-shellscript","patch_set":1,"id":"77140413_d134c56e","line":30,"in_reply_to":"c5a495b9_ea371147","updated":"2023-03-15 19:58:35.000000000","message":"Maybe this script needs to be moved to finalize.d, before or after 50-bootloader?","commit_id":"443d72b63897d9f885f579e960db88b76f0d2913"},{"author":{"_account_id":10239,"name":"Dmitry Tantsur","email":"dtantsur@protonmail.com","username":"dtantsur"},"change_message_id":"5248b722061ff072bf2cf645f3eab4a055b85d01","unresolved":true,"context_lines":[{"line_number":10,"context_line":"if [[ \"${DISTRO_NAME}\" \u003d\u003d \"ubuntu\" ]]; then"},{"line_number":11,"context_line":"    echo \"ERROR: Setup of FIPS mode with DIB is not supported with Ubuntu.\""},{"line_number":12,"context_line":"    echo \"Please see refer to Ubuntu documentation on how to configure \""},{"line_number":13,"context_line":"    echo \"FIPS, as it requires a Ubuntu Advantage subscription.\""},{"line_number":14,"context_line":"    echo \"https://ubuntu.com/security/certifications/docs/fips-enablement\""},{"line_number":15,"context_line":"    exit 1"},{"line_number":16,"context_line":"elif [[ \"${DISTRO_NAME}\" \u003d\u003d \"gentoo\" ]]; then"}],"source_content_type":"application/x-shellscript","patch_set":2,"id":"e89273a1_e928004f","line":13,"updated":"2023-03-16 17:03:39.000000000","message":"nit: an Ubuntu","commit_id":"8d3f494fd328e4b57a14cfc130e6292b4f660b1e"},{"author":{"_account_id":10239,"name":"Dmitry Tantsur","email":"dtantsur@protonmail.com","username":"dtantsur"},"change_message_id":"5248b722061ff072bf2cf645f3eab4a055b85d01","unresolved":true,"context_lines":[{"line_number":16,"context_line":"elif [[ \"${DISTRO_NAME}\" \u003d\u003d \"gentoo\" ]]; then"},{"line_number":17,"context_line":"    echo \"ERROR: Setup of FIPS mode with DIB is not supported with Gentoo.\""},{"line_number":18,"context_line":"    echo \"Gentoo\u0027s documentation appears to largely omit references to\""},{"line_number":19,"context_line":"    echo \"FIPS setup, and the supprotability is unknown.\""},{"line_number":20,"context_line":"    exit 1"},{"line_number":21,"context_line":"elif [[ \"${DISTRO_NAME}\" \u003d\u003d \"opensuse\" ]]; then"},{"line_number":22,"context_line":"    echo \"ERROR: Setup of FIPS mode with DIB is not supported with OpenSUSE.\""}],"source_content_type":"application/x-shellscript","patch_set":2,"id":"4d17abe8_585c8833","line":19,"updated":"2023-03-16 17:03:39.000000000","message":"nit: supportability","commit_id":"8d3f494fd328e4b57a14cfc130e6292b4f660b1e"}]}