URL: https://github.com/freeipa/freeipa/pull/5821 Author: mrizwan93 Title: #5821: ipatest: Test ipa-cert-fix fails when startup directive is missing from CS.cfg Action: opened
PR body: """ This test checks that if 'selftests.container.order.startup' directive is missing from CS.cfg, ipa-cert-fix fails and throw proper error message. It also checks that underlying command 'pki-server cert-fix' should fail to renew the cert. related: https://pagure.io/freeipa/issue/8721 Signed-off-by: Mohammad Rizwan <myu...@redhat.com> """ To pull the PR as Git branch: git remote add ghfreeipa https://github.com/freeipa/freeipa git fetch ghfreeipa pull/5821/head:pr5821 git checkout pr5821
From 6289914eb72e80f3a1cc8c4053213bcb6831b661 Mon Sep 17 00:00:00 2001 From: Mohammad Rizwan <myu...@redhat.com> Date: Wed, 9 Jun 2021 16:38:32 +0530 Subject: [PATCH] ipatest: Test ipa-cert-fix fails when startup directive is missing from CS.cfg This test checks that if 'selftests.container.order.startup' directive is missing from CS.cfg, ipa-cert-fix fails and throw proper error message. It also checks that underlying command 'pki-server cert-fix' should fail to renew the cert. related: https://pagure.io/freeipa/issue/8721 Signed-off-by: Mohammad Rizwan <myu...@redhat.com> --- .../test_integration/test_ipa_cert_fix.py | 31 +++++++++++++++++++ 1 file changed, 31 insertions(+) diff --git a/ipatests/test_integration/test_ipa_cert_fix.py b/ipatests/test_integration/test_ipa_cert_fix.py index 6d5d8a058dd..1cfe643fa42 100644 --- a/ipatests/test_integration/test_ipa_cert_fix.py +++ b/ipatests/test_integration/test_ipa_cert_fix.py @@ -192,6 +192,37 @@ def test_ipa_cert_fix_non_ipa(self): raiseonerr=False) assert result.returncode == 2 + def test_missing_startup(self, expire_cert_critical): + """ + Test ipa-cert-fix fails when startup directive is missing from CS.cfg + + This test checks that if 'selftests.container.order.startup' directive + is missing from CS.cfg, ipa-cert-fix fails and throw proper error + message. It also checks that underlying command 'pki-server cert-fix' + should fail to renew the cert. + + related: https://pagure.io/freeipa/issue/8721 + """ + expire_cert_critical(self.master) + # pki must be stopped in order to edit CS.cfg + self.master.run_command(['ipactl', 'stop']) + self.master.run_command([ + 'sed', '-i', r'/selftests\.container\.order\.startup/d', + paths.CA_CS_CFG_PATH + ]) + # dirsrv needs to be up in order to run ipa-cert-fix + self.master.run_command(['ipactl', 'start', + '--ignore-service-failures']) + + result = self.master.run_command(['ipa-cert-fix', '-v'], + stdin_text='yes\n', + raiseonerr=False) + err_msg1 = "ERROR: 'selftests.container.order.startup'" + # check that pki-server cert-fix command fails + err_msg2 = ("ERROR: CalledProcessError(Command " + "['pki-server', 'cert-fix'") + assert err_msg1 and err_msg2 in result.stderr_text + class TestIpaCertFixThirdParty(CALessBase): """
_______________________________________________ FreeIPA-devel mailing list -- freeipa-devel@lists.fedorahosted.org To unsubscribe send an email to freeipa-devel-le...@lists.fedorahosted.org Fedora Code of Conduct: https://docs.fedoraproject.org/en-US/project/code-of-conduct/ List Guidelines: https://fedoraproject.org/wiki/Mailing_list_guidelines List Archives: https://lists.fedorahosted.org/archives/list/freeipa-devel@lists.fedorahosted.org Do not reply to spam on the list, report it: https://pagure.io/fedora-infrastructure