def test_automatic_renewal_master_transfer_ondelete(self): # Test that after replica uninstallation, master overtakes the cert # renewal master role from replica (which was previously set there) tasks.uninstall_replica(self.master, self.replicas[0]) result = self.master.run_command(['ipa', 'config-show']).stdout_text assert ("IPA CA renewal master: %s" % self.master.hostname in result), ( "Master hostname not found among CA renewal masters")
def test_setup_teardown(self): tasks.install_master(self.master, setup_dns=True) tasks.install_replica(self.master, self.replicas[0], setup_ca=False) yield tasks.uninstall_replica(self.master, self.replicas[0]) tasks.uninstall_master(self.master)
def test_remove_replica_with_ca(self): """Test ipa-ca dns records after removing the replica with CA""" tasks.uninstall_replica(self.master, self.replicas[1]) self.delete_update_system_records(rnames=IPA_CA_A_REC) expected_servers = (self.master.ip,) self._test_A_rec_against_server(self.master.ip, self.domain, expected_servers)
def test_remove_replica_with_ca(self): """Test ipa-ca dns records after removing the replica with CA""" tasks.uninstall_replica(self.master, self.replicas[1]) self.delete_update_system_records(rnames=IPA_CA_A_REC) expected_servers = (self.master.ip, ) self._test_A_rec_against_server(self.master.ip, self.domain, expected_servers)
def test_setup_teardown(self): tasks.install_master(self.master, setup_dns=True) tasks.install_replica(self.master, self.replicas[0], setup_ca=False) tasks.config_host_resolvconf_with_master_data(self.master, self.replicas[0]) yield tasks.uninstall_replica(self.master, self.replicas[0]) tasks.uninstall_master(self.master)
def test_install_uninstall_replica(self): # Test that the sequence install replica / uninstall replica # properly removes the line # Include /etc/httpd/conf.d/ipa-rewrite.conf # from ssl.conf on the replica tasks.install_replica(self.master, self.replicas[0], extra_args=['--force-join']) tasks.uninstall_replica(self.master, self.replicas[0]) errline = b'Include /etc/httpd/conf.d/ipa-rewrite.conf' ssl_conf = self.replicas[0].get_file_contents(paths.HTTPD_SSL_CONF) assert errline not in ssl_conf
def test_install_uninstall_replica(self): # Test that the sequence install replica / uninstall replica # properly removes the line # Include /etc/httpd/conf.d/ipa-rewrite.conf # from ssl.conf on the replica tasks.install_replica(self.master, self.replicas[0], extra_args=['--force-join']) tasks.uninstall_replica(self.master, self.replicas[0]) errline = b'Include /etc/httpd/conf.d/ipa-rewrite.conf' ssl_conf = self.replicas[0].get_file_contents(paths.HTTPD_SSL_CONF) assert errline not in ssl_conf
def test_kra_hidden_no_preconfig(self): """Test installing KRA on a replica when all KRAs are hidden. https://pagure.io/freeipa/issue/8240 """ result = tasks.install_kra(self.replicas[1], raiseonerr=False) if result.returncode == 0: # If KRA installation was successful, the only clean-up possible is # uninstalling the whole replica as hiding the last visible KRA # member is inhibited by design. # This step is necessary so that the next test runs with all KRA # members hidden too. tasks.uninstall_replica(self.master, self.replicas[1]) assert "Failed to find an active KRA server!" not in result.stderr_text assert result.returncode == 0
def test_replica_from_hidden(self): # install a replica from a hidden replica self._check_server_role(self.replicas[0], 'hidden') tasks.install_replica( master=self.replicas[0], replica=self.replicas[1], setup_dns=True ) self._check_server_role(self.replicas[0], 'hidden') self._check_server_role( self.replicas[1], 'enabled', kra=False, dns=False ) self._check_dnsrecords( [self.master, self.replicas[1]], [self.replicas[0]] ) # hide the new replica self.replicas[0].run_command([ 'ipa', 'server-state', self.replicas[1].hostname, '--state=hidden' ]) # and establish replication agreements from master tasks.connect_replica( master=self.master, replica=self.replicas[1], ) tasks.connect_replica( master=self.master, replica=self.replicas[1], database=CA_SUFFIX_NAME, ) # remove replication agreements again tasks.disconnect_replica( master=self.master, replica=self.replicas[1], ) tasks.disconnect_replica( master=self.master, replica=self.replicas[1], database=CA_SUFFIX_NAME, ) # and uninstall tasks.uninstall_replica( master=self.replicas[0], replica=self.replicas[1], )
def install(cls, mh): tasks.uninstall_replica(cls.master, cls.replicas[0]) tasks.uninstall_master(cls.master) tasks.install_master(cls.master, setup_dns=False)