KRA: don't add KRA container when KRA replica

This fixes regression caused by c56256e2a2
"""
  [9/11]: add vault container
ipa         : CRITICAL Failed to load vault.ldif: Command
'/usr/bin/ldapmodify -v -f /tmp/tmpxxO9IC -H
ldapi://%2fvar%2frun%2fslapd-IPA-TEST.socket -x -D cn=Directory
Manager
-y /tmp/tmpVKinCZ' returned non-zero exit status 68
  [10/11]: apply LDAP updates
"""

and removes unneded steps during installation of KRA replica,
because KRA container must be there since installation of first KRA
instance.

Reviewed-By: Stanislav Laznicka <slaznick@redhat.com>
This commit is contained in:
Martin Basti 2016-11-11 15:45:17 +01:00
parent 5862eaa1a0
commit 61094a2a20

View File

@ -51,7 +51,6 @@ ADMIN_GROUPS = [
'Security Domain Administrators'
]
LDAPMOD_ERR_ALREADY_EXISTS = 68
class KRAInstance(DogtagInstance):
"""
@ -126,7 +125,8 @@ class KRAInstance(DogtagInstance):
self.step("configure certificate renewals", self.configure_renewal)
self.step("configure HTTP to proxy connections",
self.http_proxy)
self.step("add vault container", self.__add_vault_container)
if not self.clone:
self.step("add vault container", self.__add_vault_container)
self.step("apply LDAP updates", self.__apply_updates)
self.step("enabling KRA instance", self.__enable_instance)
@ -316,14 +316,8 @@ class KRAInstance(DogtagInstance):
conn.disconnect()
def __add_vault_container(self):
try:
self._ldap_mod('vault.ldif', {'SUFFIX': self.suffix},
raise_on_err=True)
except ipautil.CalledProcessError as e:
if e.returncode == LDAPMOD_ERR_ALREADY_EXISTS:
self.log.debug("Vault container already exists")
else:
self.log.error("Failed to add vault container: {0}".format(e))
self._ldap_mod(
'vault.ldif', {'SUFFIX': self.suffix}, raise_on_err=True)
def __apply_updates(self):
sub_dict = {