rpms / ipa

Clone
Source Code
GIT

Blame SOURCES/0021-Simplify-and-improve-tests.patch

c4 c5 c5-plus c6 c6-plus c7 c7-alt c7-beta c8-beta-stream-DL1 c8-beta-stream-client c8-stream-DL1 c8-stream-client c8s-stream-DL1 c8s-stream-client c9 c9-beta
  1.   0b494d91bfa72029a98629ca2d85792cf9d2ddcb
  2.   SOURCES
  3.   0021-Simplify-and-improve-tests.patch
Blob History Raw
86baa9 
From a88af3d2f21b6a949885981aa82ff87a1336f40c Mon Sep 17 00:00:00 2001
86baa9 
From: Christian Heimes <cheimes@redhat.com>
86baa9 
Date: Mon, 25 Mar 2019 08:17:28 +0100
86baa9 
Subject: [PATCH] Simplify and improve tests
86baa9
86baa9 
Move tests for DNS and roles into helper methods to make them reusable.
86baa9
86baa9 
Fixes: https://pagure.io/freeipa/issue/7892
86baa9 
Signed-off-by: Christian Heimes <cheimes@redhat.com>
86baa9 
Reviewed-By: Thomas Woerner <twoerner@redhat.com>
86baa9 
Reviewed-By: Francois Cami <fcami@redhat.com>
86baa9 
---
86baa9 
 .../test_replica_promotion.py                 | 147 +++++++++---------
86baa9 
 1 file changed, 70 insertions(+), 77 deletions(-)
86baa9
86baa9 
diff --git a/ipatests/test_integration/test_replica_promotion.py b/ipatests/test_integration/test_replica_promotion.py
86baa9 
index 80890bf05cb242fe09af77aa27b411ac6194e2d6..a4f3e402ce5d6f74af4bd6fed9376f0f039f297a 100644
86baa9 
--- a/ipatests/test_integration/test_replica_promotion.py
86baa9 
+++ b/ipatests/test_integration/test_replica_promotion.py
86baa9 
@@ -19,8 +19,11 @@ from ipalib.constants import (
86baa9 
 from ipaplatform.paths import paths
86baa9 
 from ipatests.test_integration.test_backup_and_restore import backup
86baa9 
 from ipatests.test_integration.test_dns_locations import (
86baa9 
-    resolve_records_from_server
86baa9 
+    resolve_records_from_server, IPA_DEFAULT_MASTER_SRV_REC
86baa9 
 )
86baa9 
+from ipapython.dnsutil import DNSName
86baa9 
+from ipalib.constants import IPA_CA_RECORD
86baa9 
+
86baa9
86baa9 
 config = get_global_config()
86baa9
86baa9 
@@ -802,110 +805,100 @@ class TestReplicaInForwardZone(IntegrationTest):
86baa9
86baa9
86baa9 
 class TestHiddenReplicaPromotion(IntegrationTest):
86baa9 
+    """Test hidden replica features
86baa9 
     """
86baa9 
-    Test hidden replica features
86baa9 
-    """
86baa9 
-
86baa9 
     topology = 'star'
86baa9 
     num_replicas = 1
86baa9
86baa9 
     @classmethod
86baa9 
     def install(cls, mh):
86baa9 
         tasks.install_master(cls.master, setup_dns=True, setup_kra=True)
86baa9 
+        tasks.install_replica(
86baa9 
+            cls.master, cls.replicas[0],
86baa9 
+            setup_dns=True, setup_kra=True,
86baa9 
+            extra_args=('--hidden-replica',)
86baa9 
+        )
86baa9
86baa9 
-    @replicas_cleanup
86baa9 
-    def test_hidden_replica_install(self):
86baa9 
-        self.replicas[0].run_command([
86baa9 
-            'ipa-client-install',
86baa9 
-            '-p', 'admin',
86baa9 
-            '-w', self.master.config.admin_password,
86baa9 
-            '--domain', self.master.domain.name,
86baa9 
-            '--realm', self.master.domain.realm,
86baa9 
-            '--server', self.master.hostname,
86baa9 
-            '-U'
86baa9 
-        ])
86baa9 
-        self.replicas[0].run_command([
86baa9 
-            'ipa-replica-install', '-w',
86baa9 
-            self.master.config.admin_password,
86baa9 
-            '-n', self.master.domain.name,
86baa9 
-            '-r', self.master.domain.realm,
86baa9 
-            '--server', self.master.hostname,
86baa9 
-            '--setup-ca',
86baa9 
-            '--setup-dns', '--no-forwarders',
86baa9 
-            '--hidden-replica',
86baa9 
-            '--setup-kra',
86baa9 
-            '-U'
86baa9 
-        ])
86baa9 
-        expected_txt = 'hidden'
86baa9 
-        result = self.replicas[0].run_command([
86baa9 
-            'ipa', 'ipa server-role-find',
86baa9 
-            '--server', self.replicas[0].hostname
86baa9 
-        ])
86baa9 
-        assert expected_txt in result.stdout
86baa9 
-        dnsrecords = {
86baa9 
-            '.'.join(('_kerberos._udp', self.master.domain.name)): 'SRV',
86baa9 
-            '.'.join(('_kerberos._tcp', self.master.domain.name)): 'SRV',
86baa9 
-            '.'.join(('_ldap._tcp', self.master.domain.name)): 'SRV',
86baa9 
-            self.master.domain.name: 'NS'
86baa9 
-        }
86baa9 
-        nameserver = self.master.ip
86baa9 
-        results = []
86baa9 
-        for record in dnsrecords:
86baa9 
-            srvr = resolve_records_from_server(
86baa9 
-                record, dnsrecords[record], nameserver
86baa9 
-            )
86baa9 
-            results.extend(re.findall(
86baa9 
-                '|'.join((self.master.hostname, self.replicas[0].hostname)),
86baa9 
-                srvr)
86baa9 
+    def _check_dnsrecords(self, hosts_expected, hosts_unexpected=()):
86baa9 
+        domain = DNSName(self.master.domain.name).make_absolute()
86baa9 
+        rset = [
86baa9 
+            (rname, 'SRV')
86baa9 
+            for rname, _port in IPA_DEFAULT_MASTER_SRV_REC
86baa9 
+        ]
86baa9 
+        rset.append((DNSName(IPA_CA_RECORD), 'A'))
86baa9 
+
86baa9 
+        for rname, rtype in rset:
86baa9 
+            name_abs = rname.derelativize(domain)
86baa9 
+            query = resolve_records_from_server(
86baa9 
+                name_abs, rtype, self.master.ip
86baa9 
             )
86baa9 
-        assert self.master.hostname in results
86baa9 
-        assert self.replicas[0].hostname not in results
86baa9 
+            txt = query.to_text()
86baa9 
+            for host in hosts_expected:
86baa9 
+                value = host.hostname if rtype == 'SRV' else host.ip
86baa9 
+                assert value in txt
86baa9 
+            for host in hosts_unexpected:
86baa9 
+                value = host.hostname if rtype == 'SRV' else host.ip
86baa9 
+                assert value not in txt
86baa9 
+
86baa9 
+    def _check_server_role(self, host, status):
86baa9 
+        roles = [u'IPA master', u'CA server', u'KRA server', u'DNS server']
86baa9 
+        for role in roles:
86baa9 
+            result = self.master.run_command([
86baa9 
+                'ipa', 'server-role-find',
86baa9 
+                '--server', host.hostname,
86baa9 
+                '--role', role
86baa9 
+            ])
86baa9 
+            expected = 'Role status: {}'.format(status)
86baa9 
+            assert expected in result.stdout_text
86baa9 
+
86baa9 
+    def test_hidden_replica_install(self):
86baa9 
+        # TODO: check that all services are running on hidden replica
86baa9 
+        self._check_server_role(self.master, 'enabled')
86baa9 
+        self._check_server_role(self.replicas[0], 'hidden')
86baa9 
+        self._check_dnsrecords([self.master], [self.replicas[0]])
86baa9
86baa9 
     def test_hidden_replica_promote(self):
86baa9 
         self.replicas[0].run_command([
86baa9 
-            'ipa', 'server-mod', '--state=enabled'
86baa9 
+            'ipa', 'server-state',
86baa9 
+            self.replicas[0].hostname, '--state=enabled'
86baa9 
         ])
86baa9 
-        unexpected_txt = 'hidden'
86baa9 
+        self._check_server_role(self.replicas[0], 'enabled')
86baa9 
+        self._check_dnsrecords([self.master, self.replicas[0]])
86baa9 
         result = self.replicas[0].run_command([
86baa9 
-            'ipa', 'ipa server-role-find',
86baa9 
-            '--server', self.replicas[0].hostname
86baa9 
-        ])
86baa9 
-        assert unexpected_txt not in result.stdout
86baa9 
+            'ipa', 'server-state',
86baa9 
+            self.replicas[0].hostname, '--state=enabled'
86baa9 
+        ], raiseonerr=False)
86baa9 
+        assert result.returncode == 1
86baa9 
+        assert 'no modifications to be performed' in result.stderr_text
86baa9
86baa9 
     def test_hidden_replica_demote(self):
86baa9 
         self.replicas[0].run_command([
86baa9 
-            'ipa', 'server-mod', '--state=hidden'
86baa9 
+            'ipa', 'server-state',
86baa9 
+            self.replicas[0].hostname, '--state=hidden'
86baa9 
         ])
86baa9 
-        expected_txt = 'hidden'
86baa9 
-        result = self.replicas[0].run_command([
86baa9 
-            'ipa', 'ipa server-role-find',
86baa9 
-            '--server', self.replicas[0].hostname
86baa9 
-        ])
86baa9 
-        assert expected_txt in result.stdout
86baa9 
+        self._check_server_role(self.replicas[0], 'hidden')
86baa9 
+        self._check_dnsrecords([self.master], [self.replicas[0]])
86baa9
86baa9 
     def test_hidden_replica_backup_and_restore(self):
86baa9 
+        """Exercises backup+restore and hidden replica uninstall
86baa9 
         """
86baa9 
-        Exercises backup+restore and hidden replica uninstall
86baa9 
-        """
86baa9 
-        # set expectations
86baa9 
-        expected_txt = 'hidden'
86baa9 
-        result = self.replicas[0].run_command([
86baa9 
-            'ipa', 'ipa server-role-find',
86baa9 
-            '--server', self.replicas[0].hostname
86baa9 
-        ])
86baa9 
-        assert expected_txt in result.stdout
86baa9 
+        self._check_server_role(self.replicas[0], 'hidden')
86baa9 
         # backup
86baa9 
         backup_path = backup(self.replicas[0])
86baa9 
         # uninstall
86baa9 
-        result = self.replicas[0].run_command([
86baa9 
-            'ipa-server-uninstall', '-U', 'hidden-replica'
86baa9 
-        ])
86baa9 
+        tasks.uninstall_replica(self.master, self.replicas[0])
86baa9 
         # restore
86baa9 
         dirman_password = self.master.config.dirman_password
86baa9 
         self.replicas[0].run_command(
86baa9 
-            ['ipa-restore', backup_path], stdin_text=dirman_password + '\nyes'
86baa9 
+            ['ipa-restore', backup_path],
86baa9 
+            stdin_text=dirman_password + '\nyes'
86baa9 
         )
86baa9 
+        # check that role is still hidden
86baa9 
+        self._check_server_role(self.replicas[0], 'hidden')
86baa9 
+        self._check_dnsrecords([self.master], [self.replicas[0]])
86baa9 
         # check that the resulting server can be promoted to enabled
86baa9 
         self.replicas[0].run_command([
86baa9 
-            'ipa', 'server-mod', '--state=enabled'
86baa9 
+            'ipa', 'server-mod', self.replicas[0].hostname, '--state=enabled'
86baa9 
         ])
86baa9 
+        self._check_server_role(self.replicas[0], 'enabled')
86baa9 
+        self._check_dnsrecords([self.master, self.replicas[0]])
86baa9 
--
86baa9 
2.20.1
86baa9

Powered by Pagure 5.14.1

SSH Hostkey/Fingerprint | Documentation