IntenseWebs/freeipa
3
0
Fork 0
mirror of https://salsa.debian.org/freeipa-team/freeipa.git synced 2025-02-25 18:55:28 -06:00
Code Issues Packages Projects Releases Wiki Activity

test_renewal_master: add ipa csreplica-manage test

Browse Source 
Add test case for setting renewal master using command
ipa-csreplica-manage.

Automation related to upstream ticket #7120. Testing using
config-mod already covered.

https://pagure.io/freeipa/issue/7321

Reviewed-By: Christian Heimes <cheimes@redhat.com>
This commit is contained in:
Michal Reznik 2017-12-13 09:49:54 +01:00 committed by Christian Heimes
parent f5c01c5e86
commit dbb7784b90
1 changed files with 45 additions and 2 deletions
Show Stats Download Patch File Download Diff File Expand all files Collapse all files

47
ipatests/test_integration/test_replica_promotion.py
View File

@ -3,6 +3,7 @@
# #
import time import time
import re
from tempfile import NamedTemporaryFile from tempfile import NamedTemporaryFile
import textwrap import textwrap
import pytest import pytest
@ -454,6 +455,13 @@ class TestRenewalMaster(IntegrationTest):
def uninstall(cls, mh): def uninstall(cls, mh):
super(TestRenewalMaster, cls).uninstall(mh) super(TestRenewalMaster, cls).uninstall(mh)
def assertCARenewalMaster(self, host, expected):
""" Ensure there is only one CA renewal master set """
result = host.run_command(["ipa", "config-show"]).stdout_text
matches = list(re.finditer('IPA CA renewal master: (.*)', result))
assert len(matches), 1
assert matches[0].group(1) == expected
def test_replica_not_marked_as_renewal_master(self): def test_replica_not_marked_as_renewal_master(self):
""" """
https://fedorahosted.org/freeipa/ticket/5902 https://fedorahosted.org/freeipa/ticket/5902
@ -476,10 +484,45 @@ class TestRenewalMaster(IntegrationTest):
assert("IPA CA renewal master: %s" % replica.hostname in result), ( assert("IPA CA renewal master: %s" % replica.hostname in result), (
"Replica hostname not found among CA renewal masters" "Replica hostname not found among CA renewal masters"
) )
# additional check e.g. to see if there is only one renewal master
self.assertCARenewalMaster(replica, replica.hostname)
def test_renewal_master_with_csreplica_manage(self):
master = self.master
replica = self.replicas[0]
self.assertCARenewalMaster(master, replica.hostname)
self.assertCARenewalMaster(replica, replica.hostname)
master.run_command(['ipa-csreplica-manage', 'set-renewal-master',
'-p', master.config.dirman_password])
result = master.run_command(["ipa", "config-show"]).stdout_text
assert("IPA CA renewal master: %s" % master.hostname in result), (
"Master hostname not found among CA renewal masters"
)
# lets give replication some time
time.sleep(60)
self.assertCARenewalMaster(master, master.hostname)
self.assertCARenewalMaster(replica, master.hostname)
replica.run_command(['ipa-csreplica-manage', 'set-renewal-master',
'-p', replica.config.dirman_password])
result = replica.run_command(["ipa", "config-show"]).stdout_text
assert("IPA CA renewal master: %s" % replica.hostname in result), (
"Replica hostname not found among CA renewal masters"
)
self.assertCARenewalMaster(master, replica.hostname)
self.assertCARenewalMaster(replica, replica.hostname)
def test_automatic_renewal_master_transfer_ondelete(self): def test_automatic_renewal_master_transfer_ondelete(self):
# Test that after master uninstallation, replica overtakes the cert # Test that after replica uninstallation, master overtakes the cert
# renewal master role # renewal master role from replica (which was previously set there)
tasks.uninstall_master(self.replicas[0]) tasks.uninstall_master(self.replicas[0])
result = self.master.run_command(['ipa', 'config-show']).stdout_text result = self.master.run_command(['ipa', 'config-show']).stdout_text
assert("IPA CA renewal master: %s" % self.master.hostname in result), ( assert("IPA CA renewal master: %s" % self.master.hostname in result), (