Ejemplo n.º 1
    def test_create_and_retrieve_vault_replica_with_kra(self):
        """Check vault create/archive/retrieve once the replica has a KRA.

        Installs a KRA on ``self.replicas[0]``, then creates a symmetric
        vault and archives ``self.vault_data`` into it, first on that replica
        and then on the master.  Each new vault is read back through
        ``self._retrieve_secret``.  Finally the vaults named by
        ``vault_name_master`` and ``vault_name_replica_without_KRA`` (the
        "old vaults") are retrieved again to show they are still accessible.
        """
        kra_replica = self.replicas[0]

        def create_and_archive(host, vault_name):
            # NOTE(review): the vault password and the payload are passed as
            # command-line arguments, so they can appear in process listings
            # and in any logging of the command line.  That is acceptable for
            # throwaway test fixtures; outside tests prefer the CLI's
            # --password-file and --in options.
            host.run_command([
                "ipa", "vault-add",
                vault_name,
                "--password", self.vault_password,
                "--type", "symmetric",
            ])
            host.run_command([
                "ipa", "vault-archive",
                vault_name,
                "--password", self.vault_password,
                "--data", self.vault_data,
            ])
            # Fixed pause after archiving; presumably lets the new entry
            # replicate before it is read back -- confirm.
            time.sleep(WAIT_AFTER_ARCHIVE)

        # first_instance=False is handed to the helper as-is; presumably it
        # means a KRA already exists elsewhere in the topology -- confirm.
        tasks.install_kra(kra_replica, first_instance=False)

        # Replica that has just received its KRA.
        create_and_archive(kra_replica, self.vault_name_replica_with_KRA)
        self._retrieve_secret([self.vault_name_replica_with_KRA])

        # Master, exercised again now that the replica also runs a KRA.
        create_and_archive(self.master, self.vault_name_master2)
        self._retrieve_secret([self.vault_name_master2])

        # Old vaults must still be accessible.
        self._retrieve_secret([
            self.vault_name_master,
            self.vault_name_replica_without_KRA,
        ])
Ejemplo n.º 2
    def test_kra_hidden_no_preconfig(self):
        """Install a KRA on a replica while all existing KRAs are hidden.

        Regression test for https://pagure.io/freeipa/issue/8240: the
        installation has to succeed, and its stderr must not contain
        "Failed to find an active KRA server!".
        """
        target = self.replicas[1]
        outcome = tasks.install_kra(target, raiseonerr=False)
        installed = outcome.returncode == 0

        if installed:
            # Clean up before asserting.  Hiding the last visible KRA member
            # is inhibited by design, so the only way back to "all KRA
            # members hidden" for the next test is to uninstall the whole
            # replica.
            tasks.uninstall_replica(self.master, target)

        assert "Failed to find an active KRA server!" not in outcome.stderr_text
        assert outcome.returncode == 0
Ejemplo n.º 3
 def test_ipa_certs_check_ipacertnsstrust(self):
     """Run the IPACertNSSTrust healthcheck after installing a KRA.

     Installs a KRA on the master, installs the healthcheck package and
     runs the ``IPACertNSSTrust`` check from ``ipahealthcheck.ipa.certs``.
     Every reported entry must be SUCCESS and carry a key listed in
     DEFAULT_PKI_CA_CERTS or DEFAULT_PKI_KRA_CERTS.
     """
     kra_install = tasks.install_kra(self.master)
     assert kra_install.returncode == 0

     tasks.install_packages(self.master, HEALTHCHECK_PKG)
     status, entries = run_healthcheck(
         self.master, "ipahealthcheck.ipa.certs", "IPACertNSSTrust"
     )
     assert status == 0

     for entry in entries:
         assert entry["result"] == "SUCCESS"
         cert_key = entry["kw"]["key"]
         assert (cert_key in DEFAULT_PKI_CA_CERTS
                 or cert_key in DEFAULT_PKI_KRA_CERTS)

     # NOTE(review): this uninstall is reached only when every assertion
     # above passes.  Whether a class-level teardown covers the failure
     # case is not visible from this method.
     tasks.uninstall_master(self.master)
 def test_kra_install_without_replica_file(self):
     """Check the KRA installer's replica-file errors at both domain levels.

     On the first replica, a KRA install with ``domain_level=DOMAIN_LEVEL_1``
     must fail with "A replica file is required"; the same install with
     ``domain_level=DOMAIN_LEVEL_0`` must then succeed.  After the master is
     raised to DOMAIN_LEVEL_1, a ``DOMAIN_LEVEL_0`` install on the second
     replica must fail with "No replica file is required", and a default
     install must succeed.  How ``domain_level`` changes the invocation is
     decided inside ``tasks.install_kra`` and is not visible here.
     """
     server = self.master
     first_replica = self.replicas[0]
     second_replica = self.replicas[1]

     tasks.install_kra(server, first_instance=True)
     tasks.install_replica(server, first_replica)

     # Error case first, then the install that is expected to work.
     # The trailing 1 is presumably the expected return code -- confirm
     # against assert_error.
     missing_file = tasks.install_kra(
         first_replica, domain_level=DOMAIN_LEVEL_1, raiseonerr=False
     )
     assert_error(missing_file, "A replica file is required", 1)
     tasks.install_kra(
         first_replica, domain_level=DOMAIN_LEVEL_0, raiseonerr=True
     )

     # Reverse situation: prepare the replica file for the second replica
     # and raise the domain level on the master before installing there.
     tasks.replica_prepare(server, second_replica)
     server.run_command(["ipa", "domainlevel-set", str(DOMAIN_LEVEL_1)])
     tasks.install_replica(server, second_replica)

     unneeded_file = tasks.install_kra(
         second_replica, domain_level=DOMAIN_LEVEL_0, raiseonerr=False
     )
     assert_error(unneeded_file, "No replica file is required", 1)
     tasks.install_kra(second_replica)
 def test_install_kra_on_hidden_replica(self):
     """Manually install a KRA on the hidden replica, ``self.replicas[0]``."""
     hidden_replica = self.replicas[0]
     tasks.install_kra(hidden_replica)
Ejemplo n.º 6
 def test_replica1_ipa_kra_install(self):
     """Install a KRA on ``self.replicas[1]`` using the helper's defaults."""
     replica = self.replicas[1]
     tasks.install_kra(replica)
Ejemplo n.º 7
 def test_replica0_ipa_kra_install(self):
     """Install a KRA on ``self.replicas[0]`` with ``first_instance=True``.

     The flag is handed to ``tasks.install_kra`` unchanged; presumably it
     marks this as the first KRA in the topology -- confirm in the helper.
     """
     replica = self.replicas[0]
     tasks.install_kra(replica, first_instance=True)
Ejemplo n.º 8
 def test_install_kra(self):
     """Install a KRA on the master with ``first_instance=True``.

     The flag is handed to ``tasks.install_kra`` unchanged; presumably it
     marks this as the first KRA in the topology -- confirm in the helper.
     """
     server = self.master
     tasks.install_kra(server, first_instance=True)
Ejemplo n.º 9
 def test_replica1_ipa_kra_install(self):
     """Run the KRA install helper against the replica at index 1.

     No extra keyword arguments are passed, so the helper's defaults apply.
     """
     second_replica = self.replicas[1]
     tasks.install_kra(second_replica)
Ejemplo n.º 10
 def test_replica0_ipa_kra_install(self):
     """Run the KRA install helper against the replica at index 0.

     ``first_instance=True`` is forwarded as given; its exact effect lives
     in ``tasks.install_kra`` and is not visible from this method.
     """
     first_replica = self.replicas[0]
     tasks.install_kra(first_replica, first_instance=True)
Ejemplo n.º 11
 def test_install_kra(self):
     """Run the KRA install helper against the master.

     ``first_instance=True`` is forwarded as given; its exact effect lives
     in ``tasks.install_kra`` and is not visible from this method.
     """
     master_host = self.master
     tasks.install_kra(master_host, first_instance=True)
Ejemplo n.º 12
    def test_create_and_retrieve_vault_replica_with_kra(self):
        """Verify vaults work on replica and master after a replica KRA install.

        A KRA is installed on ``self.replicas[0]``.  Then, for that replica
        and afterwards for the master, a symmetric vault is added,
        ``self.vault_data`` is archived into it, the test sleeps for
        WAIT_AFTER_ARCHIVE and the secret is read back with
        ``self._retrieve_secret``.  The last step retrieves the vaults named
        by ``vault_name_master`` and ``vault_name_replica_without_KRA`` to
        show the old vaults are still accessible.
        """
        # install KRA on replica
        tasks.install_kra(self.replicas[0], first_instance=False)

        # Replica first, then the master again now that the replica has a
        # KRA of its own.
        rounds = (
            (self.replicas[0], self.vault_name_replica_with_KRA),
            (self.master, self.vault_name_master2),
        )
        for host, vault_name in rounds:
            # NOTE(review): --password and --data put the vault password and
            # the secret on the command line, where process listings and any
            # command-line logging can expose them.  Fine for disposable
            # test values; outside tests use --password-file and --in.
            create_cmd = [
                "ipa", "vault-add", vault_name,
                "--password", self.vault_password,
                "--type", "symmetric",
            ]
            archive_cmd = [
                "ipa", "vault-archive", vault_name,
                "--password", self.vault_password,
                "--data", self.vault_data,
            ]
            host.run_command(create_cmd)
            host.run_command(archive_cmd)
            # Fixed wait before reading back; presumably covers replication
            # of the new vault entry -- confirm.
            time.sleep(WAIT_AFTER_ARCHIVE)

            self._retrieve_secret([vault_name])

        # test if old vaults are still accessible
        old_vaults = [
            self.vault_name_master,
            self.vault_name_replica_without_KRA,
        ]
        self._retrieve_secret(old_vaults)