[Freeipa-devel] [freeipa PR#5562][opened] ipatests: Enable certbot test on rhel

Mon, 15 Feb 2021 22:23:31 -0800 

   URL: https://github.com/freeipa/freeipa/pull/5562
Author: mrizwan93
 Title: #5562: ipatests: Enable certbot test on rhel
Action: opened

PR body:
"""
With this change, certbot test will be running on rhel.
certbot is not avilable on rhel through repository or epel.
Plan is to install certbot using pip on rhel and increase the
test coverage on rhel

Signed-off-by: Mohammad Rizwan <myu...@redhat.com>
"""

To pull the PR as Git branch:
git remote add ghfreeipa https://github.com/freeipa/freeipa
git fetch ghfreeipa pull/5562/head:pr5562
git checkout pr5562

From 6d461408f517e7d404d7918ca87aa9b4a95d525c Mon Sep 17 00:00:00 2001
From: Mohammad Rizwan <myu...@redhat.com>
Date: Mon, 15 Feb 2021 17:52:21 +0530
Subject: [PATCH] ipatests: Enable certbot test on rhel

With this change, certbot test will be running on rhel.
certbot is not avilable on rhel through repository or epel.
Plan is to install certbot using pip on rhel and increase the
test coverage on rhel

Signed-off-by: Mohammad Rizwan <myu...@redhat.com>
---
 ipatests/test_integration/test_acme.py | 20 +++-----------------
 1 file changed, 3 insertions(+), 17 deletions(-)

diff --git a/ipatests/test_integration/test_acme.py b/ipatests/test_integration/test_acme.py
index 473e8c7907f..79a4b4c2e0b 100644
--- a/ipatests/test_integration/test_acme.py
+++ b/ipatests/test_integration/test_acme.py
@@ -24,15 +24,6 @@
 IPA_CA = "ipa_ca.crt"
 ROOT_CA = "root_ca.crt"
 
-# RHEL does not have certbot.  EPEL's version is broken with
-# python-cryptography-2.3; likewise recent PyPI releases.
-# So for now, on RHEL we suppress tests that use certbot.
-skip_certbot_tests = osinfo.id not in ['fedora', ]
-
-# Fedora mod_md package needs some patches before it will work.
-# RHEL version has the patches.
-skip_mod_md_tests = osinfo.id not in ['rhel', 'fedora', ]
-
 CERTBOT_DNS_IPA_SCRIPT = '/usr/libexec/ipa/acme/certbot-dns-ipa'
 
 
@@ -114,9 +105,9 @@ def prepare_acme_client(cls):
         cls.acme_server = f'https://{acme_host}/acme/directory'
 
         # install acme client packages
-        if not skip_certbot_tests:
-            tasks.install_packages(cls.clients[0], ['certbot'])
-        if not skip_mod_md_tests:
+        if osinfo.id == 'fedora':
+            tasks.install_packages(cls.clients[0], ['certbot', 'mod_md'])
+        if osinfo.id == 'rhel':
             tasks.install_packages(cls.clients[0], ['mod_md'])
 
     @classmethod
@@ -216,7 +207,6 @@ def test_centralize_acme_enable(self):
     # Certbot tests
     ###############
 
-    @pytest.mark.skipif(skip_certbot_tests, reason='certbot not available')
     def test_certbot_register(self):
         # clean up any existing registration and certificates
         self.clients[0].run_command(
@@ -243,7 +233,6 @@ def test_certbot_register(self):
             ],
         )
 
-    @pytest.mark.skipif(skip_certbot_tests, reason='certbot not available')
     def test_certbot_certonly_standalone(self):
         # Get a cert from ACME service using HTTP challenge and Certbot's
         # standalone HTTP server mode
@@ -258,7 +247,6 @@ def test_certbot_certonly_standalone(self):
             ],
         )
 
-    @pytest.mark.skipif(skip_certbot_tests, reason='certbot not available')
     def test_certbot_revoke(self):
         # Assume previous certonly operation succeeded.
         # Read certificate to learn serial number.
@@ -284,7 +272,6 @@ def test_certbot_revoke(self):
         )
         assert 'revocation_reason:' in result.stdout_text
 
-    @pytest.mark.skipif(skip_certbot_tests, reason='certbot not available')
     def test_certbot_dns(self):
         # Assume previous revoke operation succeeded and cert was deleted.
         # We can now request a new certificate.
@@ -308,7 +295,6 @@ def test_certbot_dns(self):
     # mod_md tests
     ##############
 
-    @pytest.mark.skipif(skip_mod_md_tests, reason='mod_md not available')
     def test_mod_md(self):
         if get_selinux_status(self.clients[0]):
             # mod_md requires its own SELinux policy to grant perms to

_______________________________________________
FreeIPA-devel mailing list -- freeipa-devel@lists.fedorahosted.org
To unsubscribe send an email to freeipa-devel-le...@lists.fedorahosted.org
Fedora Code of Conduct: 
https://docs.fedoraproject.org/en-US/project/code-of-conduct/
List Guidelines: https://fedoraproject.org/wiki/Mailing_list_guidelines
List Archives: 
https://lists.fedorahosted.org/archives/list/freeipa-devel@lists.fedorahosted.org
Do not reply to spam on the list, report it: 
https://pagure.io/fedora-infrastructure

Reply via email to