freeipa/ipatests/azure/azure-run-tests.sh
Stanislav Levin feae9de73e Setup DNS for AP Docker container
Docker utilizes its own way to provide DNS (hostname, hosts, NS).
By default, they are almost the same as the host's ones.
For instance, below is from AP container:
```
cat /etc/hosts

127.0.0.1	localhost
::1	localhost ip6-localhost ip6-loopback
fe00::0	ip6-localnet
ff00::0	ip6-mcastprefix
ff02::1	ip6-allnodes
ff02::2	ip6-allrouters
172.17.0.2	ipa.example.test ipa

cat /etc/resolv.conf
nameserver 168.63.129.16
search hqdv2iuiph0ufpcrhp4amkgzwf.fx.internal.cloudapp.net
```

As a result FreeIPA uses 168.63.129.16 (AP DNS NS [1]) as a DNS forwarder.
It's not desirable to rely on this.
Let's clear test environment.

[1] https://docs.microsoft.com/en-us/azure/virtual-network/what-is-ip-address-168-63-129-16

Related: https://pagure.io/freeipa/issue/8077
Signed-off-by: Stanislav Levin <slev@altlinux.org>
Reviewed-By: Christian Heimes <cheimes@redhat.com>
2019-09-25 20:14:06 +10:00

91 lines
3.1 KiB
Bash
Executable File

#!/bin/bash -ex
# Setup DNS
echo -e '127.0.0.1 localhost\n::1 localhost\n' > /etc/hosts
echo 'nameserver 8.8.8.8' > /etc/resolv.conf
server_realm=EXAMPLE.TEST
server_domain=example.test
server_password=Secret123
# Normalize spacing and expand the list afterwards. Remove {} for the single list element case
tests_to_run=$(eval "echo {$(echo $TESTS_TO_RUN | sed -e 's/[ \t]+*/,/g')}" | tr -d '{}')
tests_to_ignore=$(eval "echo --ignore\ {$(echo $TESTS_TO_IGNORE | sed -e 's/[ \t]+*/,/g')}" | tr -d '{}')
tests_to_dedicate=
[[ -n "$TESTS_TO_DEDICATE" ]] && \
tests_to_dedicate=$(eval "echo --slice-dedicated={$(echo $TESTS_TO_DEDICATE | sed -e 's/[ \t]+*/,/g')}" | tr -d '{}')
systemctl --now enable firewalld
echo "Installing FreeIPA master for the domain ${server_domain} and realm ${server_realm}"
ipa-server-install -U --domain ${server_domain} --realm ${server_realm} \
-p ${server_password} -a ${server_password} \
--setup-dns --setup-kra --auto-forwarders
install_result=$?
tests_result=1
mkdir -p /freeipa/$CI_RUNNER_LOGS_DIR
cd /freeipa/$CI_RUNNER_LOGS_DIR
if [ "$install_result" -eq 0 ] ; then
echo "Run IPA tests"
echo "Installation complete. Performance of individual steps:"
grep 'service duration:' /var/log/ipaserver-install.log | sed -e 's/DEBUG //g'
sed -ri "s/mode = production/mode = development/" /etc/ipa/default.conf
systemctl restart httpd.service
firewall-cmd --add-service={freeipa-ldap,freeipa-ldaps,dns}
echo ${server_password} | kinit admin && ipa ping
mkdir -p ~/.ipa
cp -r /etc/ipa/* ~/.ipa/
echo ${server_password} > ~/.ipa/.dmpw
echo 'wait_for_dns=5' >> ~/.ipa/default.conf
ipa-test-config --help
ipa-test-task --help
ipa-run-tests --help
ipa-run-tests ${tests_to_ignore} \
${tests_to_dedicate} \
--slices=${SYSTEM_TOTALJOBSINPHASE:-1} \
--slice-num=${SYSTEM_JOBPOSITIONINPHASE:-1} \
--verbose --with-xunit '-k not test_dns_soa' ${tests_to_run}
tests_result=$?
else
echo "ipa-server-install failed with code ${save_result}, skip IPA tests"
fi
echo "Potential Python 3 incompatibilities in the IPA framework:"
grep -n -C5 BytesWarning /var/log/httpd/error_log || echo "Good, none detected"
echo "State of the directory server instance, httpd databases, PKI CA database:"
ls -laZ /etc/dirsrv/slapd-*/ /etc/httpd/alias/ /var/lib/ /etc/pki/pki-tomcat/alias/ || true
ls -laZ /var/lib/ipa/certs/ /var/lib/ipa/passwds/ /var/lib/ipa/private/ || true
echo "Uninstall the server"
ipa-server-install --uninstall -U
# second uninstall to verify that --uninstall without installation works
ipa-server-install --uninstall -U
if [ "$install_result" -eq 0 ] ; then
firewall-cmd --remove-service={freeipa-ldap,freeipa-ldaps,dns}
fi
echo "Collect the logs"
journalctl -b --no-pager > systemd_journal.log
tar --ignore-failed-read -cvf var_log.tar \
/var/log/dirsrv \
/var/log/httpd \
/var/log/ipa* \
/var/log/krb5kdc.log \
/var/log/pki \
/var/log/samba \
/var/named/data \
systemd_journal.log
# Final result depends on the exit code of the ipa-run-tests
test "$tests_result" -eq 0 -a "$install_result" -eq 0