From c5afb3a61d98e965980d78b7f08ede4f580c8a89 Mon Sep 17 00:00:00 2001
From: Casey Bodley <cbodley@redhat.com>
Date: Thu, 21 May 2026 09:54:16 -0400
Subject: [PATCH] qa/rgw: ignore 'keytool: command for found' errors

this 'keytool' invocation was moved from qa/tasks/s3tests_java.py to
qa/tasks/rgw.py so that it would also cover the java checksum tests

but that means it runs for any rgw job with https enabled, even if it
doesn't install or use any java stuff. the 'keytool' command itself
comes from jdk packages which aren't installed by default

ignore errors from this command so that subsuites can use https without
installing java

Signed-off-by: Casey Bodley <cbodley@redhat.com>
---
 qa/tasks/rgw.py | 7 ++++++-
 1 file changed, 6 insertions(+), 1 deletion(-)

diff --git a/qa/tasks/rgw.py b/qa/tasks/rgw.py
index aaa90bb4ba6..ede35191ac1 100644
--- a/qa/tasks/rgw.py
+++ b/qa/tasks/rgw.py
@@ -81,6 +81,10 @@ def start_rgw(ctx, config, clients):
             # add the ssl certificate path
             frontends += ' ssl_certificate={}'.format(endpoint.cert.certificate)
             frontends += ' ssl_port={}'.format(endpoint.port)
+
+            # install the cert to the java store for java tests. this may fail
+            # with 'keytool: command not found' for jobs that don't install java
+            # stuff, so add check_status=False to ignore
             path = 'lib/security/cacerts'
             ctx.cluster.only(client).run(
                 args=['sudo',
@@ -93,7 +97,8 @@ def start_rgw(ctx, config, clients):
                       '-file', endpoint.cert.certificate,
                       '-storepass', 'changeit',
                       ],
-                stdout=BytesIO()
+                stdout=BytesIO(),
+                check_status=False
             )
 
         else:
-- 
2.47.3