ipatests: add test for PKI subsystem detection

Add a new upgrade test. Scenario:
- create an empty /var/lib/pki/pki-tomcat/kra directory
- call ipa-server-upgrade

With issue 8596, the upgrade fails because it assumes KRA is
installed. With the fix, ipa-server-upgrade completes successfully.

Related: https://pagure.io/freeipa/issue/8596
Reviewed-By: Alexander Bokovoy <abokovoy@redhat.com>
This commit is contained in:
Florence Blanc-Renaud 2020-11-25 10:00:39 +01:00
parent 930453b65e
commit 526686ec1c
2 changed files with 37 additions and 0 deletions

View File

@ -2439,6 +2439,18 @@ def get_sssd_version(host):
return parse_version(version)
def get_pki_version(host):
"""Get pki version on remote host."""
data = host.get_file_contents("/usr/share/pki/VERSION", encoding="utf-8")
groups = re.match(r'.*\nSpecification-Version: ([\d+\.]*)\n.*', data)
if groups:
version_string = groups.groups(0)[0]
return parse_version(version_string)
else:
raise ValueError("get_pki_version: pki is not installed")
def get_healthcheck_version(host):
"""
Function to get healthcheck version on fedora and rhel

View File

@ -278,3 +278,28 @@ class TestUpgrade(IntegrationTest):
result = self.master.run_command(["ipa", "pwpolicy-find"])
# if it is still missing the oc it won't be displayed
assert 'global_policy' in result.stdout_text
def test_kra_detection(self):
"""Test that ipa-server-upgrade correctly detects KRA presence
Test for https://pagure.io/freeipa/issue/8596
When the directory /var/lib/pki/pki-tomcat/kra/ exists, the upgrade
wrongly assumes that KRA component is installed and crashes.
The test creates an empty dir and calls ipa-server-upgrade
to make sure that KRA detection is not based on the directory
presence.
"""
# Skip test if pki 10.10.0 is installed
# because of https://github.com/dogtagpki/pki/issues/3397
# pki fails to start if empty dir /var/lib/pki/pki-tomcat/kra exists
if tasks.get_pki_version(self.master) == tasks.parse_version('10.10.0'):
pytest.skip("Skip test with pki 10.10.0")
kra_path = os.path.join(paths.VAR_LIB_PKI_TOMCAT_DIR, "kra")
try:
self.master.run_command(["mkdir", "-p", kra_path])
result = self.master.run_command(['ipa-server-upgrade'])
err_msg = 'Upgrade failed with no such entry'
assert err_msg not in result.stderr_text
finally:
self.master.run_command(["rmdir", kra_path])