URL: https://github.com/freeipa/freeipa/pull/1579 Author: Rezney Title: #1579: [Backport][ipa-4-5] [Backport][ipa-4-6] - test_renewal_master: add ipa csreplica-manage test Action: opened
PR body: """ This PR was opened automatically because PR #1573 was pushed to ipa-4-6 and backport to ipa-4-5 is required. """ To pull the PR as Git branch: git remote add ghfreeipa https://github.com/freeipa/freeipa git fetch ghfreeipa pull/1579/head:pr1579 git checkout pr1579
From 43f3979a03daa8f25a80148a5224e65e91ad1b7f Mon Sep 17 00:00:00 2001 From: Michal Reznik <mrez...@redhat.com> Date: Wed, 13 Dec 2017 09:49:54 +0100 Subject: [PATCH] test_renewal_master: add ipa csreplica-manage test Add test case for setting renewal master using command ipa-csreplica-manage. Automation related to upstream ticket #7120. Testing using config-mod already covered. https://pagure.io/freeipa/issue/7321 Reviewed-By: Christian Heimes <chei...@redhat.com> --- .../test_integration/test_replica_promotion.py | 46 +++++++++++++++++++++- 1 file changed, 44 insertions(+), 2 deletions(-) diff --git a/ipatests/test_integration/test_replica_promotion.py b/ipatests/test_integration/test_replica_promotion.py index 4629d1ff05..5ee79601e4 100644 --- a/ipatests/test_integration/test_replica_promotion.py +++ b/ipatests/test_integration/test_replica_promotion.py @@ -454,6 +454,13 @@ class TestRenewalMaster(IntegrationTest): def uninstall(cls, mh): super(TestRenewalMaster, cls).uninstall(mh) + def assertCARenewalMaster(self, host, expected): + """ Ensure there is only one CA renewal master set """ + result = host.run_command(["ipa", "config-show"]).stdout_text + matches = list(re.finditer('IPA CA renewal master: (.*)', result)) + assert len(matches), 1 + assert matches[0].group(1) == expected + def test_replica_not_marked_as_renewal_master(self): """ https://fedorahosted.org/freeipa/ticket/5902 @@ -476,10 +483,45 @@ def test_manual_renewal_master_transfer(self): assert("IPA CA renewal master: %s" % replica.hostname in result), ( "Replica hostname not found among CA renewal masters" ) + # additional check e.g. to see if there is only one renewal master + self.assertCARenewalMaster(replica, replica.hostname) + + def test_renewal_master_with_csreplica_manage(self): + + master = self.master + replica = self.replicas[0] + + self.assertCARenewalMaster(master, replica.hostname) + self.assertCARenewalMaster(replica, replica.hostname) + + master.run_command(['ipa-csreplica-manage', 'set-renewal-master', + '-p', master.config.dirman_password]) + result = master.run_command(["ipa", "config-show"]).stdout_text + + assert("IPA CA renewal master: %s" % master.hostname in result), ( + "Master hostname not found among CA renewal masters" + ) + + # lets give replication some time + time.sleep(60) + + self.assertCARenewalMaster(master, master.hostname) + self.assertCARenewalMaster(replica, master.hostname) + + replica.run_command(['ipa-csreplica-manage', 'set-renewal-master', + '-p', replica.config.dirman_password]) + result = replica.run_command(["ipa", "config-show"]).stdout_text + + assert("IPA CA renewal master: %s" % replica.hostname in result), ( + "Replica hostname not found among CA renewal masters" + ) + + self.assertCARenewalMaster(master, replica.hostname) + self.assertCARenewalMaster(replica, replica.hostname) def test_automatic_renewal_master_transfer_ondelete(self): - # Test that after master uninstallation, replica overtakes the cert - # renewal master role + # Test that after replica uninstallation, master overtakes the cert + # renewal master role from replica (which was previously set there) tasks.uninstall_master(self.replicas[0]) result = self.master.run_command(['ipa', 'config-show']).stdout_text assert("IPA CA renewal master: %s" % self.master.hostname in result), (
_______________________________________________ FreeIPA-devel mailing list -- freeipa-devel@lists.fedorahosted.org To unsubscribe send an email to freeipa-devel-le...@lists.fedorahosted.org