def test_15_display_container(self):
'''check detailed information on the RH container'''
repo_name = Util.safe_pulp_repo_name(self.containers["rh"]["name"])
RHUIManagerRepo.check_detailed_information(RHUA,
[self.containers["rh"]["displayname"],
"https://%s/pulp/docker/%s/" % \
(ConMgr.get_cds_lb_hostname(), repo_name)],
[False],
[True, None, True],
0)
def test_05_display_info(self):
'''
check detailed information on the RH container
'''
RHUIManagerRepo.check_detailed_information(RHUA,
[self.container_displayname,
"https://%s/pulp/docker/%s/" % \
(ConMgr.get_cds_lb_hostname(),
self.container_id)],
[False],
[True, None, True],
0)
def test_15_check_registry_config():
'''
check if container registry configuration was modified
'''
if AH_EXISTS:
_, stdout, _ = ATOMIC_CLI.exec_command(
"cat /etc/containers/registries.conf")
cfg = pytoml.load(stdout)
nose.tools.ok_("%s:5000" % ConMgr.get_cds_lb_hostname() in \
cfg["registries"]["search"]["registries"],
msg="unexpected configuration: %s" % cfg)
else:
raise nose.exc.SkipTest("No known Atomic host")
def check_package_url(connection, package, path=""):
'''
verify that the package is available from the RHUI (and not from an unwanted repo)
'''
# The name of the test package may contain characters which must be escaped in REs.
# In modern pulp-rpm versions, packages are in .../Packages/<first letter (lowercase)>/,
# and the URL can be .../os/...NVR or .../os//...NVR, so let's tolerate anything between
# the path and the package name. The path is optional, though; if you don't know it or
# don't care about it, call this method with the mandatory arguments only.
package_escaped = re.escape(package)
Expect.ping_pong(connection,
"yumdownloader --url %s" % package_escaped,
"https://%s/pulp/repos/%s.*%s" % \
(ConMgr.get_cds_lb_hostname(), path, package_escaped))
def test_17_legacy_ca():
'''
check for bogus error messages if a legacy CA is used
'''
# for RHBZ#1731856
# get the CA cert from the RHUA and upload it to the CDS
# the cert is among the extra RHUI files, ie. in the directory also containing custom RPMs
cds_lb = ConMgr.get_cds_lb_hostname()
remote_ca_file = join(CUSTOM_RPMS_DIR, LEGACY_CA_FILE)
local_ca_file = join(TMPDIR, LEGACY_CA_FILE)
Util.fetch(RHUA, remote_ca_file, local_ca_file)
Helpers.add_legacy_ca(CDS, local_ca_file)
# re-fetch repodata on the client to trigger the OID validator on the CDS
Expect.expect_retval(CLI, "yum clean all ; yum repolist enabled")
Expect.expect_retval(
CDS, "egrep 'Cert verification failed against [0-9]+ ca cert' " +
"/var/log/httpd/%s_error_ssl.log" % cds_lb, 1)
def test_10_check_images(self):
'''
check if the container images are now available
'''
if not self.cli_supported:
raise nose.exc.SkipTest("Not supported on RHEL %s" %
self.cli_os_version)
quay_repo_name = Util.safe_pulp_repo_name(self.container_quay["name"])
docker_repo_name = Util.safe_pulp_repo_name(
self.container_docker["name"])
_, stdout, _ = CLI.exec_command("docker images")
images = stdout.read().decode().splitlines()
images_cli = [image.split()[0].split("/")[1] \
for image in images if image.startswith(ConMgr.get_cds_lb_hostname())]
nose.tools.eq_(
sorted(images_cli),
sorted([self.container_id, quay_repo_name, docker_repo_name]))
def test_14_unauthorized_access(self):
'''
verify that RHUI repo content cannot be fetched without an entitlement certificate
'''
# try HEADing the repodata file for the already added repo
# the HTTP request must not complete (not even with HTTP 403);
# it is supposed to raise an SSLError instead
cds_lb = ConMgr.get_cds_lb_hostname()
nose.tools.assert_raises(requests.exceptions.SSLError,
requests.head,
"https://%s/pulp/repos/" % cds_lb +
self.yum_repo_path + "/repodata/repomd.xml",
verify=False)
# also check the protected custom repo
nose.tools.assert_raises(
requests.exceptions.SSLError,
requests.head,
"https://%s/pulp/repos/" % cds_lb +
"protected/%s/repodata/repomd.xml" % CUSTOM_PATH,
verify=False)
from rhui3_tests_lib.conmgr import ConMgr
from rhui3_tests_lib.helpers import Helpers
from rhui3_tests_lib.rhuimanager import RHUIManager
from rhui3_tests_lib.rhuimanager_instance import RHUIManagerInstance
from rhui3_tests_lib.sos import Sos
logging.basicConfig(level=logging.DEBUG)
TMPDIR = mkdtemp()
SOSREPORT_LOCATION_RHUA = join(TMPDIR, "sosreport_location_rhua")
SOSREPORT_LOCATION_CDS = join(TMPDIR, "sosreport_location_cds")
CONNECTION_RHUA = RHUA = ConMgr.connect()
CONNECTION_CDS = ConMgr.connect(ConMgr.get_cds_hostnames()[0])
CDS_LB = ConMgr.get_cds_lb_hostname()
WANTED_FILES_RHUA = [
"/etc/rhui-installer/answers.yaml", "/etc/rhui/rhui-tools.conf",
"/root/.rhui/rhui.log", "/var/log/kafo/configuration.log",
"/var/log/rhui-subscription-sync.log"
]
WANTED_FILES_CDS = [
"/etc/httpd/conf.d/03-crane.conf",
"/etc/httpd/conf.d/25-%s.conf" % CDS_LB, "/etc/pulp/",
"/var/log/httpd/%s_access_ssl.log" % CDS_LB,
"/var/log/httpd/%s_error_ssl.log" % CDS_LB
]
CMD_RHUA = "rhui-manager status"
CMD_CDS = "ls -lR /var/lib/rhui/remote_share"
WANTED_FILES_RHUA.append(Helpers.encode_sos_command(CMD_RHUA))