[Freeipa-devel] [PATCH 0208] Respect --test option in upgrade plugins

Martin Basti Fri, 06 Mar 2015 09:06:08 -0800

Upgrade plugins which modify LDAP data directly should not be executedin --test mode.

This patch is a workaround, to ensure update with --test option will notmodify any LDAP data.


https://fedorahosted.org/freeipa/ticket/3448

Patch attached.

--
Martin Basti

From 0616696080c25531d9dd5c30d7e32e0a7da9ed6c Mon Sep 17 00:00:00 2001
From: Martin Basti <mba...@redhat.com>
Date: Fri, 6 Mar 2015 17:44:47 +0100
Subject: [PATCH] Server Upgrade: respect --test option in plugins

Several plugins do the LDAP data modification directly.
In test mode these plugis should not be executed.

https://fedorahosted.org/freeipa/ticket/3448
---
 ipaserver/install/plugins/dns.py                        | 9 +++++++++
 ipaserver/install/plugins/fix_replica_agreements.py     | 4 ++++
 ipaserver/install/plugins/update_idranges.py            | 7 +++++++
 ipaserver/install/plugins/update_managed_permissions.py | 4 ++++
 ipaserver/install/plugins/update_pacs.py                | 4 ++++
 ipaserver/install/plugins/update_referint.py            | 3 +++
 ipaserver/install/plugins/update_services.py            | 4 ++++
 7 files changed, 35 insertions(+)

diff --git a/ipaserver/install/plugins/dns.py b/ipaserver/install/plugins/dns.py
index f562978bcbcc02321c0e9a668af88b4f596f8556..2e33982e7d53cad794cca5867aa94a0df766eff8 100644
--- a/ipaserver/install/plugins/dns.py
+++ b/ipaserver/install/plugins/dns.py
@@ -60,6 +60,10 @@ class update_dnszones(PostUpdate):
     order=MIDDLE
 
     def execute(self, **options):
+        if not options.get('live_run'):
+            self.log.info("Test mode: skipping 'update_dnszones'")
+            return False, False, ()
+
         ldap = self.obj.backend
         if not dns_container_exists(ldap):
             return (False, False, [])
@@ -159,6 +163,11 @@ class update_master_to_dnsforwardzones(PostUpdate):
     backup_path = u'%s%s' % (backup_dir, backup_filename)
 
     def execute(self, **options):
+        if not options.get('live_run'):
+            self.log.info("Test mode: skipping "
+                          "'update_master_to_dnsforwardzones'")
+            return False, False, ()
+
         ldap = self.obj.backend
         # check LDAP if forwardzones already uses new semantics
         dns_container_dn = DN(api.env.container_dns, api.env.basedn)
diff --git a/ipaserver/install/plugins/fix_replica_agreements.py b/ipaserver/install/plugins/fix_replica_agreements.py
index a5ff4819fa4c432b378a9f1c0f6952bc312a6792..597a133145e1cad2265386bf6eb55d47fefa86e3 100644
--- a/ipaserver/install/plugins/fix_replica_agreements.py
+++ b/ipaserver/install/plugins/fix_replica_agreements.py
@@ -38,6 +38,10 @@ class update_replica_attribute_lists(PreUpdate):
     order = MIDDLE
 
     def execute(self, **options):
+        if not options.get('live_run'):
+            self.log.info("Test mode: skipping "
+                          "'update_replica_attribute_lists'")
+            return False, False, ()
         # We need an IPAdmin connection to the backend
         self.log.debug("Start replication agreement exclude list update task")
         conn = ipaldap.IPAdmin(api.env.host, ldapi=True, realm=api.env.realm)
diff --git a/ipaserver/install/plugins/update_idranges.py b/ipaserver/install/plugins/update_idranges.py
index 1aa5fa7631fd35a7aaf4a23a5eee44e4e0a2e904..cc462ef1265e3bee2137df1c787d93b048981e25 100644
--- a/ipaserver/install/plugins/update_idranges.py
+++ b/ipaserver/install/plugins/update_idranges.py
@@ -33,6 +33,9 @@ class update_idrange_type(PostUpdate):
     order = MIDDLE
 
     def execute(self, **options):
+        if not options.get('live_run'):
+            self.log.info("Test mode: skipping 'update_idrange_type'")
+            return False, False, ()
         ldap = self.obj.backend
 
         base_dn = DN(api.env.container_ranges, api.env.basedn)
@@ -121,6 +124,10 @@ class update_idrange_baserid(PostUpdate):
     order = LAST
 
     def execute(self, **options):
+        if not options.get('live_run'):
+            self.log.info("Test mode: skipping 'update_idrange_baserid'")
+            return False, False, ()
+
         ldap = self.obj.backend
 
         base_dn = DN(api.env.container_ranges, api.env.basedn)
diff --git a/ipaserver/install/plugins/update_managed_permissions.py b/ipaserver/install/plugins/update_managed_permissions.py
index 430a2919a315bfd8d8e6174a915890d44b782c5c..55e1068540d99ad189aa85682ba9ef1e96293abb 100644
--- a/ipaserver/install/plugins/update_managed_permissions.py
+++ b/ipaserver/install/plugins/update_managed_permissions.py
@@ -402,6 +402,10 @@ class update_managed_permissions(PostUpdate):
 
 
     def execute(self, **options):
+        if not options.get('live_run'):
+            self.log.info("Test mode: skipping 'update_managed_permissions'")
+            return False, False, ()
+
         ldap = self.api.Backend[ldap2]
 
         anonymous_read_aci = self.get_anonymous_read_aci(ldap)
diff --git a/ipaserver/install/plugins/update_pacs.py b/ipaserver/install/plugins/update_pacs.py
index 653456bb84d5464022024f5baaf4a7543f01f96f..1286d75114254052f8d368976856298f0d8e79d5 100644
--- a/ipaserver/install/plugins/update_pacs.py
+++ b/ipaserver/install/plugins/update_pacs.py
@@ -31,6 +31,10 @@ class update_pacs(PostUpdate):
     order = MIDDLE
 
     def execute(self, **options):
+        if not options.get('live_run'):
+            self.log.info("Test mode: skipping 'update_pacs'")
+            return False, False, ()
+
         ldap = self.obj.backend
 
         try:
diff --git a/ipaserver/install/plugins/update_referint.py b/ipaserver/install/plugins/update_referint.py
index 1b7411035b27ebba04246a7ee6f220d470b46688..c6c62b70ff2230b208e498574a50caabdadc8f9c 100644
--- a/ipaserver/install/plugins/update_referint.py
+++ b/ipaserver/install/plugins/update_referint.py
@@ -28,6 +28,9 @@ class update_referint(PreUpdate):
                            ('cn', 'plugins'), ('cn', 'config'))
 
     def execute(self, **options):
+        if not options.get('live_run'):
+            self.log.info("Test mode: skipping 'update_referint'")
+            return False, False, ()
 
         root_logger.debug("Upgrading referential integrity plugin configuration")
         ldap = self.obj.backend
diff --git a/ipaserver/install/plugins/update_services.py b/ipaserver/install/plugins/update_services.py
index 2122abb10a14824ea752123cb59bea8ce9a7d665..d213ace62ef087b71355ea033c81f3c7fd63330f 100644
--- a/ipaserver/install/plugins/update_services.py
+++ b/ipaserver/install/plugins/update_services.py
@@ -33,6 +33,10 @@ class update_service_principalalias(PostUpdate):
     order = MIDDLE
 
     def execute(self, **options):
+        if not options.get('live_run'):
+            self.log.info("Test mode: skipping 'update_service_principalalias'")
+            return False, False, ()
+
         ldap = self.obj.backend
 
         base_dn = DN(api.env.container_service, api.env.basedn)
-- 
2.1.0

-- 
Manage your subscription for the Freeipa-devel mailing list:
https://www.redhat.com/mailman/listinfo/freeipa-devel
Contribute to FreeIPA: http://www.freeipa.org/page/Contribute/Code

[Freeipa-devel] [PATCH 0208] Respect --test option in upgrade plugins

Reply via email to