Script 'mail_helper' called by obssrc Hello community, here is the log from the commit of package crmsh for openSUSE:Factory checked in at 2026-04-01 19:52:07 ++++++++++++++++++++++++++++++++++++++++++++++++++++++++++++++++++++++++ Comparing /work/SRC/openSUSE:Factory/crmsh (Old) and /work/SRC/openSUSE:Factory/.crmsh.new.21863 (New) ++++++++++++++++++++++++++++++++++++++++++++++++++++++++++++++++++++++++
Package is "crmsh" Wed Apr 1 19:52:07 2026 rev:401 rq:1344045 version:5.0.0+20260401.827507a4 Changes: -------- --- /work/SRC/openSUSE:Factory/crmsh/crmsh.changes 2026-03-27 06:38:03.625671919 +0100 +++ /work/SRC/openSUSE:Factory/.crmsh.new.21863/crmsh.changes 2026-04-01 19:53:34.484472853 +0200 @@ -1,0 +2,15 @@ +Wed Apr 01 07:06:29 UTC 2026 - [email protected] + +- Update to version 5.0.0+20260401.827507a4: + * Fix: crm.8.adoc: Use cluster inside KVM guest as example instead of Xen + +------------------------------------------------------------------- +Tue Mar 31 02:59:18 UTC 2026 - [email protected] + +- Update to version 5.0.0+20260331.778ade0d: + * Dev: unittests: Adjust unit test for previous commits + * Dev: behave: Adjust functional test for previous commits + * Dev: qdevice: Remove unused codes + * Fix: bootstrap: On join node, retrieve qdevice certification files before starting qdevice (bsc#1254243) + +------------------------------------------------------------------- Old: ---- crmsh-5.0.0+20260325.30415311.tar.bz2 New: ---- crmsh-5.0.0+20260401.827507a4.tar.bz2 ++++++++++++++++++++++++++++++++++++++++++++++++++++++++++++++++++++++++ Other differences: ------------------ ++++++ crmsh.spec ++++++ --- /var/tmp/diff_new_pack.R1I26l/_old 2026-04-01 19:53:35.756525690 +0200 +++ /var/tmp/diff_new_pack.R1I26l/_new 2026-04-01 19:53:35.760525856 +0200 @@ -41,7 +41,7 @@ Summary: High Availability cluster command-line interface License: GPL-2.0-or-later Group: %{pkg_group} -Version: 5.0.0+20260325.30415311 +Version: 5.0.0+20260401.827507a4 Release: 0 URL: http://crmsh.github.io Source0: %{name}-%{version}.tar.bz2 ++++++ _servicedata ++++++ --- /var/tmp/diff_new_pack.R1I26l/_old 2026-04-01 19:53:35.936533167 +0200 +++ /var/tmp/diff_new_pack.R1I26l/_new 2026-04-01 19:53:35.940533333 +0200 @@ -9,7 +9,7 @@ </service> <service name="tar_scm"> <param name="url">https://github.com/ClusterLabs/crmsh.git</param> - <param name="changesrevision">3041531128e7054099613dffe633c0a14ccb3d29</param> + <param name="changesrevision">e6dc4d82b19cba2e3d29ea342d57243cb08c82da</param> </service> </servicedata> (No newline at EOF) ++++++ crmsh-5.0.0+20260325.30415311.tar.bz2 -> crmsh-5.0.0+20260401.827507a4.tar.bz2 ++++++ diff -urN '--exclude=CVS' '--exclude=.cvsignore' '--exclude=.svn' '--exclude=.svnignore' old/crmsh-5.0.0+20260325.30415311/crmsh/bootstrap.py new/crmsh-5.0.0+20260401.827507a4/crmsh/bootstrap.py --- old/crmsh-5.0.0+20260325.30415311/crmsh/bootstrap.py 2026-03-25 05:38:47.000000000 +0100 +++ new/crmsh-5.0.0+20260401.827507a4/crmsh/bootstrap.py 2026-04-01 08:32:17.000000000 +0200 @@ -2002,12 +2002,6 @@ shell = sh.cluster_shell() - if is_qdevice_configured: - if not _context.use_ssh_agent or not _keys_from_ssh_agent(): - # trigger init_qnetd_remote on init node - cmd = f"crm cluster init qnetd_remote {utils.this_node()} -y" - shell.get_stdout_or_raise_error(cmd, seed_host) - shutil.copy(corosync.conf(), _context.get_corosync_conf_orig()) # check if use IPv6 @@ -2073,10 +2067,18 @@ with logger_utils.status_long("Reloading cluster configuration"): shell.get_stdout_or_raise_error("corosync-cfgtool -R") + service_manager = ServiceManager() if is_qdevice_configured: - start_qdevice_on_join_node(seed_host) + if not _context.use_ssh_agent or not _keys_from_ssh_agent(): + # trigger init_qnetd_remote on init node + cmd = f"crm cluster init qnetd_remote {utils.this_node()} -y" + shell.get_stdout_or_raise_error(cmd, seed_host) + msg = f"Retrieving QDevice cerification files from {seed_host}" + retrieve_files(seed_host, [qdevice.QDevice.qdevice_path], msg) + logger.info("Starting and enable corosync-qdevice.service") + service_manager.start_service("corosync-qdevice.service", enable=True) else: - ServiceManager(sh.ClusterShellAdaptorForLocalShell(sh.LocalShell())).disable_service("corosync-qdevice.service") + service_manager.disable_service("corosync-qdevice.service") def adjust_priority_in_rsc_defaults(is_2node_wo_qdevice): @@ -2107,18 +2109,6 @@ utils.set_property("priority-fencing-delay", 0) -def start_qdevice_on_join_node(seed_host): - """ - Doing qdevice certificate process and start qdevice service on join node - """ - with logger_utils.status_long(f"Starting and enable corosync-qdevice.service on {utils.this_node()}"): - if corosync.is_qdevice_tls_on(): - qnetd_addr = corosync.get_value("quorum.device.net.host") - qdevice_inst = qdevice.QDevice(qnetd_addr, cluster_node=seed_host) - qdevice_inst.certificate_process_on_join() - ServiceManager(sh.ClusterShellAdaptorForLocalShell(sh.LocalShell())).start_service("corosync-qdevice.service", enable=True) - - def get_cluster_node_ip(node: str) -> str: """ ringx_addr might be hostname or IP diff -urN '--exclude=CVS' '--exclude=.cvsignore' '--exclude=.svn' '--exclude=.svnignore' old/crmsh-5.0.0+20260325.30415311/crmsh/qdevice.py new/crmsh-5.0.0+20260401.827507a4/crmsh/qdevice.py --- old/crmsh-5.0.0+20260325.30415311/crmsh/qdevice.py 2026-03-25 05:38:47.000000000 +0100 +++ new/crmsh-5.0.0+20260401.827507a4/crmsh/qdevice.py 2026-04-01 08:32:17.000000000 +0200 @@ -107,7 +107,6 @@ """Class to manage qdevice configuration and services Call `certificate_process_on_init` to generate all of CA, server, and client certs. - Call `certificate_process_on_join` to generate a single client cert for the local node. """ qnetd_service = "corosync-qnetd.service" @@ -119,7 +118,7 @@ qdevice_db_path = "/etc/corosync/qdevice/net/nssdb" def __init__(self, qnetd_addr, port=5403, algo="ffsplit", tie_breaker="lowest", - tls="on", ssh_user=None, cluster_node=None, cmds=None, mode=None, cluster_name=None, is_stage=False): + tls="on", ssh_user=None, cmds=None, mode=None, cluster_name=None, is_stage=False): """ Init function """ @@ -129,7 +128,6 @@ self.tie_breaker = tie_breaker self.tls = tls self.ssh_user = ssh_user - self.cluster_node = cluster_node self.cmds = cmds self.mode = mode self.cluster_name = cluster_name @@ -151,13 +149,6 @@ return "{}/{}/{}".format(self.qdevice_path, self.qnetd_addr, self.qnetd_cacert_filename) @property - def qnetd_cacert_on_cluster(self): - """ - Return path of qnetd-cacert.crt on cluster node - """ - return "{}/{}/{}".format(self.qdevice_path, self.cluster_node, self.qnetd_cacert_filename) - - @property def qdevice_crq_on_qnetd(self): """ Return path of qdevice-net-node.crq on qnetd node @@ -192,13 +183,6 @@ """ return "{}/nssdb/{}".format(self.qdevice_path, self.qdevice_p12_filename) - @property - def qdevice_p12_on_cluster(self): - """ - Return path of qdevice-net-node.p12 on cluster node - """ - return "{}/{}/{}".format(self.qdevice_path, self.cluster_node, self.qdevice_p12_filename) - @staticmethod def check_qnetd_addr(qnetd_addr): qnetd_ip = None @@ -452,65 +436,6 @@ ]): step(lambda s, cmd=None: self.log_only_to_file(f'Step {i+1}: {s}', cmd)) - def fetch_qnetd_crt_from_cluster(self): - """ - Certificate process for join - Step 1 - Fetch QNetd CA certificate(qnetd-cacert.crt) from init node - """ - if os.path.exists(self.qnetd_cacert_on_cluster): - return - - desc = "Step 1: Fetch {} from {}".format(self.qnetd_cacert_filename, self.cluster_node) - QDevice.log_only_to_file(desc) - crmsh.parallax.parallax_slurp([self.cluster_node], self.qdevice_path, self.qnetd_cacert_on_local) - - def init_db_on_local(self): - """ - Certificate process for join - Step 2 - Initialize database by running - /usr/sbin/corosync-qdevice-net-certutil -i -c qnetd-cacert.crt - """ - if os.path.exists(self.qdevice_db_path): - utils.rmdir_r(self.qdevice_db_path) - - cmd = "corosync-qdevice-net-certutil -i -c {}".format(self.qnetd_cacert_on_cluster) - QDevice.log_only_to_file("Step 2: Initialize database on local", cmd) - sh.cluster_shell().get_stdout_or_raise_error(cmd) - - def fetch_p12_from_cluster(self): - """ - Certificate process for join - Step 3 - Fetch p12 key file from init node - """ - if os.path.exists(self.qdevice_p12_on_cluster): - return - - desc = "Step 3: Fetch {} from {}".format(self.qdevice_p12_filename, self.cluster_node) - QDevice.log_only_to_file(desc) - crmsh.parallax.parallax_slurp([self.cluster_node], self.qdevice_path, self.qdevice_p12_on_local) - - def import_p12_on_local(self): - """ - Certificate process for join - Step 4 - Import cluster certificate and key - """ - cmd = "corosync-qdevice-net-certutil -m -c {}".format(self.qdevice_p12_on_cluster) - QDevice.log_only_to_file("Step 4: Import cluster certificate and key", cmd) - sh.cluster_shell().get_stdout_or_raise_error(cmd) - - def certificate_process_on_join(self): - """ - The qdevice certificate process on join node - """ - self.fetch_qnetd_crt_from_cluster() - self.init_db_on_local() - self.fetch_p12_from_cluster() - self.import_p12_on_local() - def write_qdevice_config(self) -> None: """ Write qdevice attributes to config file diff -urN '--exclude=CVS' '--exclude=.cvsignore' '--exclude=.svn' '--exclude=.svnignore' old/crmsh-5.0.0+20260325.30415311/doc/crm.8.adoc new/crmsh-5.0.0+20260401.827507a4/doc/crm.8.adoc --- old/crmsh-5.0.0+20260325.30415311/doc/crm.8.adoc 2026-03-25 05:38:47.000000000 +0100 +++ new/crmsh-5.0.0+20260401.827507a4/doc/crm.8.adoc 2026-04-01 08:32:17.000000000 +0200 @@ -521,8 +521,8 @@ crm(live)configure template# apply crm(live)configure template# cd .. crm(live)configure# show -node xen-b -node xen-c +node kvm-b +node kvm-c primitive apache apache \ params configfile="/etc/apache2/httpd.conf" \ op monitor interval=120s timeout=60s @@ -540,7 +540,7 @@ to run the service: ............... -crm(live)configure# location websvc-pref websvc 100: xen-b +crm(live)configure# location websvc-pref websvc 100: kvm-b ............... If you are not happy with some resource names which are provided @@ -549,15 +549,15 @@ ............... crm(live)configure# rename virtual-ip intranet-ip crm(live)configure# show -node xen-b -node xen-c +node kvm-b +node kvm-c primitive apache apache \ params configfile="/etc/apache2/httpd.conf" \ op monitor interval=120s timeout=60s primitive intranet-ip IPaddr \ params ip=192.168.1.101 group websvc apache intranet-ip -location websvc-pref websvc 100: xen-b +location websvc-pref websvc 100: kvm-b ............... To summarize, working with templates typically consists of the @@ -579,16 +579,24 @@ Let's say that we entered the following configuration: ............... -node xen-b -node xen-c -node xen-d -primitive fencer stonith:external/libvirt \ - params hypervisor_uri="qemu+tcp://10.2.13.1/system" \ - hostlist="xen-b xen-c xen-d" \ - op monitor interval=2h -primitive svc Xinetd \ - params service=systat \ - op monitor interval=30s +node kvm-b +node kvm-c +node kvm-d +primitive fence_kvm_b stonith:fence_virsh \ + params ip=10.2.13.1 plug=kvm-b \ + pcmk_host_check=static-list pcmk_host_list=kvm-b \ + username=root password=$PASSWD \ + op monitor interval=60s +primitive fence_kvm_c stonith:fence_virsh \ + params ip=10.2.13.1 plug=kvm-c \ + pcmk_host_check=static-list pcmk_host_list=kvm-c \ + username=root password=$PASSWD \ + op monitor interval=60s +primitive fence_kvm_d stonith:fence_virsh \ + params ip=10.2.13.1 plug=kvm-d \ + pcmk_host_check=static-list pcmk_host_list=kvm-d \ + username=root password=$PASSWD \ + op monitor interval=60s primitive intranet-ip IPaddr2 \ params ip=10.2.13.100 \ op monitor interval=30s @@ -596,13 +604,13 @@ params configfile="/etc/apache2/httpd.conf" \ op monitor interval=120s timeout=60s group websvc apache intranet-ip -location websvc-pref websvc 100: xen-b +location websvc-pref websvc 100: kvm-b ............... Before typing `commit` to submit the configuration to the cib we can make sure that all resources are usable on all nodes: ............... -crm(live)configure# rsctest websvc svc fencer +crm(live)configure# rsctest websvc ............... It is important that resources being tested are not running on @@ -2192,7 +2200,7 @@ ............... Example: ............... -utilization xen1 set memory 4096 +utilization kvm1 set host_memory 4096 ............... [[cmdhelp.sbd,SBD management]] @@ -2612,7 +2620,7 @@ set to +Started+: ............... crm(live)# resource show svc -resource svc is running on: xen-f +resource svc is running on: kvm-f ............... Hence, if the user invokes +resource stop svc+ the intention is @@ -3670,7 +3678,7 @@ op monitor role=Promoted interval=60s \ op monitor role=Unpromoted interval=300s -primitive xen0 @vm_scheme1 xmfile=/etc/xen/vm/xen0 +primitive kvm0 @vm_scheme1 config="/etc/libvirt/qemu/kvm0.xml" primitive mySpecialRsc Special \ params 3: rule #uname eq node1 interface=eth1 \ @@ -3895,16 +3903,16 @@ ............... Example: ............... -rsc_template public_vm Xen \ +rsc_template public_vm VirtualDomain \ op start timeout=300s \ op stop timeout=300s \ op monitor interval=30s timeout=60s \ op migrate_from timeout=600s \ op migrate_to timeout=600s -primitive xen0 @public_vm \ - params xmfile=/etc/xen/xen0 -primitive xen1 @public_vm \ - params xmfile=/etc/xen/xen1 +primitive kvm0 @public_vm \ + params config="/etc/libvirt/qemu/kvm0.xml" +primitive kvm1 @public_vm \ + params config="/etc/libvirt/qemu/kvm1.xml" ............... [[cmdhelp.configure.rsc_ticket,resources ticket dependency]] @@ -4453,7 +4461,7 @@ ............... Example: ............... -node xen-b unclean +node kvm-b unclean ............... [[cmdhelp.cibstatus.op,edit outcome of a resource operation]] @@ -4483,10 +4491,10 @@ ............... Example: ............... -op start d1 xen-b generic -op start d1 xen-b 1 -op monitor d1 xen-b not_running -op stop d1 xen-b 0 timeout +op start d1 kvm-b generic +op start d1 kvm-b 1 +op monitor d1 kvm-b not_running +op stop d1 kvm-b 0 timeout ............... [[cmdhelp.cibstatus.origin,display origin of the CIB status section]] diff -urN '--exclude=CVS' '--exclude=.cvsignore' '--exclude=.svn' '--exclude=.svnignore' old/crmsh-5.0.0+20260325.30415311/test/features/qdevice_setup_remove.feature new/crmsh-5.0.0+20260401.827507a4/test/features/qdevice_setup_remove.feature --- old/crmsh-5.0.0+20260325.30415311/test/features/qdevice_setup_remove.feature 2026-03-25 05:38:47.000000000 +0100 +++ new/crmsh-5.0.0+20260401.827507a4/test/features/qdevice_setup_remove.feature 2026-04-01 08:32:17.000000000 +0200 @@ -152,6 +152,17 @@ And Service "corosync-qdevice" is "started" on "hanode1" And Show status from qnetd + @clean + Scenario: Re-join cluster (bsc#1254243) + When Run "crm cluster init --qnetd-hostname=qnetd-node -y" on "hanode1" + When Run "crm cluster join -c hanode1 -y" on "hanode2" + Then Service "corosync-qdevice" is "started" on "hanode1" + And Service "corosync-qdevice" is "started" on "hanode2" + When Run "crm cluster remove hanode1 -y" on "hanode2" + Then Service "corosync-qdevice" is "stopped" on "hanode1" + When Run "crm cluster join -c hanode2 -y" on "hanode1" + Then Service "corosync-qdevice" is "started" on "hanode1" + @skip_non_root @clean Scenario: Passwordless for root, not for sudoer (bsc#1209193) diff -urN '--exclude=CVS' '--exclude=.cvsignore' '--exclude=.svn' '--exclude=.svnignore' old/crmsh-5.0.0+20260325.30415311/test/unittests/test_bootstrap.py new/crmsh-5.0.0+20260401.827507a4/test/unittests/test_bootstrap.py --- old/crmsh-5.0.0+20260325.30415311/test/unittests/test_bootstrap.py 2026-03-25 05:38:47.000000000 +0100 +++ new/crmsh-5.0.0+20260401.827507a4/test/unittests/test_bootstrap.py 2026-04-01 08:32:17.000000000 +0200 @@ -1421,29 +1421,6 @@ mock_remove_db.assert_called_once_with() mock_cluster_shell_inst.get_stdout_or_raise_error.assert_called_once_with("corosync-cfgtool -R") - @mock.patch('crmsh.utils.this_node') - @mock.patch('crmsh.service_manager.ServiceManager.start_service') - @mock.patch('crmsh.qdevice.QDevice') - @mock.patch('crmsh.corosync.get_value') - @mock.patch('crmsh.corosync.is_qdevice_tls_on') - @mock.patch('crmsh.log.LoggerUtils.status_long') - def test_start_qdevice_on_join_node(self, mock_status_long, mock_qdevice_tls, mock_get_value, mock_qdevice, mock_start_service, mock_this_node): - mock_this_node.return_value = "node1" - mock_qdevice_tls.return_value = True - mock_get_value.return_value = "10.10.10.123" - mock_qdevice_inst = mock.Mock() - mock_qdevice.return_value = mock_qdevice_inst - mock_qdevice_inst.certificate_process_on_join = mock.Mock() - - bootstrap.start_qdevice_on_join_node("node2") - - mock_status_long.assert_called_once_with("Starting and enable corosync-qdevice.service on node1") - mock_qdevice_tls.assert_called_once_with() - mock_get_value.assert_called_once_with("quorum.device.net.host") - mock_qdevice.assert_called_once_with("10.10.10.123", cluster_node="node2") - mock_qdevice_inst.certificate_process_on_join.assert_called_once_with() - mock_start_service.assert_called_once_with("corosync-qdevice.service", enable=True) - @mock.patch('crmsh.sh.ShellUtils.get_stdout_stderr') @mock.patch('crmsh.log.LoggerUtils.log_only_to_file') def test_invoke(self, mock_log, mock_run): diff -urN '--exclude=CVS' '--exclude=.cvsignore' '--exclude=.svn' '--exclude=.svnignore' old/crmsh-5.0.0+20260325.30415311/test/unittests/test_qdevice.py new/crmsh-5.0.0+20260401.827507a4/test/unittests/test_qdevice.py --- old/crmsh-5.0.0+20260325.30415311/test/unittests/test_qdevice.py 2026-03-25 05:38:47.000000000 +0100 +++ new/crmsh-5.0.0+20260401.827507a4/test/unittests/test_qdevice.py 2026-04-01 08:32:17.000000000 +0200 @@ -140,7 +140,6 @@ self.qdevice_with_hostname = qdevice.QDevice("node.qnetd") self.qdevice_with_invalid_port = qdevice.QDevice("10.10.10.123", port=100) self.qdevice_with_invalid_tie_breaker = qdevice.QDevice("10.10.10.123", tie_breaker="wrong") - self.qdevice_with_ip_cluster_node = qdevice.QDevice("10.10.10.123", cluster_node="node1.com") self.qdevice_with_invalid_cmds_relative_path = qdevice.QDevice("10.10.10.123", cmds="ls") self.qdevice_with_invalid_cmds_not_exist = qdevice.QDevice("10.10.10.123", cmds="/not_exist") self.qdevice_with_cluster_name = qdevice.QDevice("10.10.10.123", cluster_name="hacluster1") @@ -161,10 +160,6 @@ res = self.qdevice_with_ip.qnetd_cacert_on_local self.assertEqual(res, "/etc/corosync/qdevice/net/10.10.10.123/qnetd-cacert.crt") - def test_qnetd_cacert_on_cluster(self): - res = self.qdevice_with_ip_cluster_node.qnetd_cacert_on_cluster - self.assertEqual(res, "/etc/corosync/qdevice/net/node1.com/qnetd-cacert.crt") - def test_qdevice_crq_on_qnetd(self): res = self.qdevice_with_cluster_name.qdevice_crq_on_qnetd self.assertEqual(res, "/etc/corosync/qnetd/nssdb/qdevice-net-node.crq.hacluster1") @@ -189,10 +184,6 @@ res = self.qdevice_with_ip.qdevice_p12_on_local self.assertEqual(res, "/etc/corosync/qdevice/net/nssdb/qdevice-net-node.p12") - def test_qdevice_p12_on_cluster(self): - res = self.qdevice_with_ip_cluster_node.qdevice_p12_on_cluster - self.assertEqual(res, "/etc/corosync/qdevice/net/node1.com/qdevice-net-node.p12") - @mock.patch('crmsh.utils.InterfacesInfo.ip_in_local') @mock.patch('crmsh.utils.ssh_port_reachable_check') @mock.patch('socket.getaddrinfo') @@ -601,119 +592,6 @@ mock_copy_p12_to_cluster.assert_called_once() mock_import_p12_on_cluster.assert_called_once() - @mock.patch("crmsh.qdevice.QDevice.log_only_to_file") - @mock.patch("os.path.exists") - @mock.patch("crmsh.qdevice.QDevice.qnetd_cacert_on_cluster", new_callable=mock.PropertyMock) - @mock.patch("crmsh.qdevice.QDevice.qnetd_cacert_on_local", new_callable=mock.PropertyMock) - @mock.patch("crmsh.parallax.parallax_slurp") - def test_fetch_qnetd_crt_from_cluster_exist(self, mock_parallax_slurp, mock_qnetd_cacert_local, - mock_qnetd_cacert_cluster, mock_exists, mock_log): - mock_exists.return_value = True - mock_qnetd_cacert_cluster.return_value = "/etc/corosync/qdevice/net/node1.com/qnetd-cacert.crt" - - self.qdevice_with_ip_cluster_node.fetch_qnetd_crt_from_cluster() - - mock_log.assert_not_called() - mock_exists.assert_called_once_with(mock_qnetd_cacert_cluster.return_value) - mock_qnetd_cacert_cluster.assert_called_once_with() - mock_qnetd_cacert_local.assert_not_called() - mock_parallax_slurp.assert_not_called() - - @mock.patch("crmsh.qdevice.QDevice.log_only_to_file") - @mock.patch("os.path.exists") - @mock.patch("crmsh.qdevice.QDevice.qnetd_cacert_on_cluster", new_callable=mock.PropertyMock) - @mock.patch("crmsh.qdevice.QDevice.qnetd_cacert_on_local", new_callable=mock.PropertyMock) - @mock.patch("crmsh.parallax.parallax_slurp") - def test_fetch_qnetd_crt_from_cluster(self, mock_parallax_slurp, mock_qnetd_cacert_local, - mock_qnetd_cacert_cluster, mock_exists, mock_log): - mock_exists.return_value = False - mock_qnetd_cacert_cluster.return_value = "/etc/corosync/qdevice/net/node1.com/qnetd-cacert.crt" - mock_qnetd_cacert_local.return_value = "/etc/corosync/qdevice/net/10.10.10.123/qnetd-cacert.crt" - - self.qdevice_with_ip_cluster_node.fetch_qnetd_crt_from_cluster() - - mock_log.assert_called_once_with("Step 1: Fetch qnetd-cacert.crt from node1.com") - mock_exists.assert_called_once_with(mock_qnetd_cacert_cluster.return_value) - mock_qnetd_cacert_cluster.assert_called_once_with() - mock_qnetd_cacert_local.assert_called_once_with() - mock_parallax_slurp.assert_called_once_with(["node1.com"], "/etc/corosync/qdevice/net", mock_qnetd_cacert_local.return_value) - - @mock.patch("crmsh.qdevice.QDevice.log_only_to_file") - @mock.patch("crmsh.sh.ClusterShell.get_stdout_or_raise_error") - @mock.patch("crmsh.qdevice.QDevice.qnetd_cacert_on_cluster", new_callable=mock.PropertyMock) - def test_init_db_on_local(self, mock_qnetd_cacert_cluster, mock_stdout_stderr, mock_log): - mock_qnetd_cacert_cluster.return_value = "/etc/corosync/qdevice/net/node1.com/qnetd-cacert.crt" - mock_stdout_stderr.return_value = (0, None, None) - - self.qdevice_with_ip_cluster_node.init_db_on_local() - - mock_log.assert_called_once_with("Step 2: Initialize database on local", - 'corosync-qdevice-net-certutil -i -c /etc/corosync/qdevice/net/node1.com/qnetd-cacert.crt') - mock_qnetd_cacert_cluster.assert_called_once_with() - mock_stdout_stderr.assert_called_once_with("corosync-qdevice-net-certutil -i -c {}".format(mock_qnetd_cacert_cluster.return_value)) - - @mock.patch("crmsh.qdevice.QDevice.log_only_to_file") - @mock.patch("os.path.exists") - @mock.patch("crmsh.qdevice.QDevice.qdevice_p12_on_cluster", new_callable=mock.PropertyMock) - @mock.patch("crmsh.qdevice.QDevice.qdevice_p12_on_local", new_callable=mock.PropertyMock) - @mock.patch("crmsh.parallax.parallax_slurp") - def test_fetch_p12_from_cluster_exist(self, mock_parallax_slurp, mock_p12_on_local, - mock_p12_on_cluster, mock_exists, mock_log): - mock_exists.return_value = True - mock_p12_on_cluster.return_value = "/etc/corosync/qdevice/net/node1.com/qdevice-net-node.p12" - - self.qdevice_with_ip_cluster_node.fetch_p12_from_cluster() - - mock_log.assert_not_called() - mock_exists.assert_called_once_with(mock_p12_on_cluster.return_value) - mock_p12_on_cluster.assert_called_once_with() - mock_p12_on_local.assert_not_called() - mock_parallax_slurp.assert_not_called() - - @mock.patch("crmsh.qdevice.QDevice.log_only_to_file") - @mock.patch("os.path.exists") - @mock.patch("crmsh.qdevice.QDevice.qdevice_p12_on_cluster", new_callable=mock.PropertyMock) - @mock.patch("crmsh.qdevice.QDevice.qdevice_p12_on_local", new_callable=mock.PropertyMock) - @mock.patch("crmsh.parallax.parallax_slurp") - def test_fetch_p12_from_cluster(self, mock_parallax_slurp, mock_p12_on_local, - mock_p12_on_cluster, mock_exists, mock_log): - mock_exists.return_value = False - mock_p12_on_cluster.return_value = "/etc/corosync/qdevice/net/node1.com/qdevice-net-node.p12" - mock_p12_on_local.return_value = "/etc/corosync/qdevice/net/nssdb/qdevice-net-node.p12" - - self.qdevice_with_ip_cluster_node.fetch_p12_from_cluster() - - mock_log.assert_called_once_with("Step 3: Fetch qdevice-net-node.p12 from node1.com") - mock_exists.assert_called_once_with(mock_p12_on_cluster.return_value) - mock_p12_on_cluster.assert_called_once_with() - mock_p12_on_local.assert_called_once_with() - mock_parallax_slurp.assert_called_once_with(["node1.com"], '/etc/corosync/qdevice/net', mock_p12_on_local.return_value) - - @mock.patch("crmsh.qdevice.QDevice.log_only_to_file") - @mock.patch("crmsh.sh.ClusterShell.get_stdout_or_raise_error") - @mock.patch("crmsh.qdevice.QDevice.qdevice_p12_on_cluster", new_callable=mock.PropertyMock) - def test_import_p12_on_local(self, mock_p12_on_cluster, mock_stdout_stderr, mock_log): - mock_p12_on_cluster.return_value = "/etc/corosync/qdevice/net/node1.com/qdevice-net-node.p12" - - self.qdevice_with_ip_cluster_node.import_p12_on_local() - - mock_log.assert_called_once_with("Step 4: Import cluster certificate and key", - 'corosync-qdevice-net-certutil -m -c /etc/corosync/qdevice/net/node1.com/qdevice-net-node.p12') - mock_p12_on_cluster.assert_called_once_with() - mock_stdout_stderr.assert_called_once_with("corosync-qdevice-net-certutil -m -c {}".format(mock_p12_on_cluster.return_value)) - - @mock.patch("crmsh.qdevice.QDevice.import_p12_on_local") - @mock.patch("crmsh.qdevice.QDevice.fetch_p12_from_cluster") - @mock.patch("crmsh.qdevice.QDevice.init_db_on_local") - @mock.patch("crmsh.qdevice.QDevice.fetch_qnetd_crt_from_cluster") - def test_certificate_process_on_join(self, mock_fetch_qnetd_crt_from_cluster, mock_init_db_on_local, - mock_fetch_p12_from_cluster, mock_import_p12_on_local): - self.qdevice_with_ip.certificate_process_on_join() - mock_fetch_qnetd_crt_from_cluster.assert_called_once_with() - mock_init_db_on_local.assert_called_once_with() - mock_fetch_p12_from_cluster.assert_called_once_with() - mock_import_p12_on_local.assert_called_once_with() - @mock.patch("crmsh.parallax.parallax_call") @mock.patch('crmsh.utils.list_cluster_nodes') @mock.patch('os.path.exists')
