|
|
9b0b1a |
From a63d5ac05157e689e99494661240d43d131c0e91 Mon Sep 17 00:00:00 2001
|
|
|
9b0b1a |
From: Rob Crittenden <rcritten@redhat.com>
|
|
|
9b0b1a |
Date: Tue, 11 May 2021 13:19:41 -0400
|
|
|
9b0b1a |
Subject: [PATCH] Don't collect the CRLManager role if the CA is not configured
|
|
|
9b0b1a |
|
|
|
9b0b1a |
This was raising a false positive in the IPA CA-less case.
|
|
|
9b0b1a |
|
|
|
9b0b1a |
https://github.com/freeipa/freeipa-healthcheck/issues/201
|
|
|
9b0b1a |
|
|
|
9b0b1a |
Signed-off-by: Rob Crittenden <rcritten@redhat.com>
|
|
|
9b0b1a |
---
|
|
|
9b0b1a |
src/ipahealthcheck/ipa/roles.py | 2 ++
|
|
|
9b0b1a |
tests/test_ipa_roles.py | 12 ++++++++++++
|
|
|
9b0b1a |
2 files changed, 14 insertions(+)
|
|
|
9b0b1a |
|
|
|
9b0b1a |
diff --git a/src/ipahealthcheck/ipa/roles.py b/src/ipahealthcheck/ipa/roles.py
|
|
|
9b0b1a |
index 0ff2269..aac7b80 100644
|
|
|
9b0b1a |
--- a/src/ipahealthcheck/ipa/roles.py
|
|
|
9b0b1a |
+++ b/src/ipahealthcheck/ipa/roles.py
|
|
|
9b0b1a |
@@ -25,6 +25,8 @@ class IPACRLManagerCheck(IPAPlugin):
|
|
|
9b0b1a |
"""
|
|
|
9b0b1a |
@duration
|
|
|
9b0b1a |
def check(self):
|
|
|
9b0b1a |
+ if not self.ca.is_configured():
|
|
|
9b0b1a |
+ return
|
|
|
9b0b1a |
try:
|
|
|
9b0b1a |
enabled = self.ca.is_crlgen_enabled()
|
|
|
9b0b1a |
except AttributeError:
|
|
|
9b0b1a |
diff --git a/tests/test_ipa_roles.py b/tests/test_ipa_roles.py
|
|
|
9b0b1a |
index 21c0069..7c4a2d1 100644
|
|
|
9b0b1a |
--- a/tests/test_ipa_roles.py
|
|
|
9b0b1a |
+++ b/tests/test_ipa_roles.py
|
|
|
9b0b1a |
@@ -48,6 +48,18 @@ class TestCRLManagerRole(BaseTest):
|
|
|
9b0b1a |
assert result.check == 'IPACRLManagerCheck'
|
|
|
9b0b1a |
assert result.kw.get('crlgen_enabled') is True
|
|
|
9b0b1a |
|
|
|
9b0b1a |
+ @patch('ipaserver.install.cainstance.CAInstance')
|
|
|
9b0b1a |
+ def test_crlmanager_no_ca(self, mock_ca):
|
|
|
9b0b1a |
+ """There should be no CRLManagerCheck without a CA"""
|
|
|
9b0b1a |
+ mock_ca.return_value = CAInstance(False)
|
|
|
9b0b1a |
+ framework = object()
|
|
|
9b0b1a |
+ registry.initialize(framework, config.Config)
|
|
|
9b0b1a |
+ f = IPACRLManagerCheck(registry)
|
|
|
9b0b1a |
+
|
|
|
9b0b1a |
+ self.results = capture_results(f)
|
|
|
9b0b1a |
+
|
|
|
9b0b1a |
+ assert len(self.results) == 0
|
|
|
9b0b1a |
+
|
|
|
9b0b1a |
|
|
|
9b0b1a |
class TestRenewalMaster(BaseTest):
|
|
|
9b0b1a |
def test_renewal_master_not_set(self):
|
|
|
9b0b1a |
--
|
|
|
9b0b1a |
2.31.1
|
|
|
9b0b1a |
|