def repo_info(connection, repo_id, repo_name): ''' check if information about the given repo can be displayed ''' Expect.ping_pong(connection, "rhui-manager repo info --repo_id " + repo_id, "Name: *" + Util.esc_parentheses(repo_name))
def packages_list(connection, repo_id, package): ''' check if a package is present in the repo ''' Expect.ping_pong(connection, "rhui-manager packages list --repo_id " + repo_id, package)
def cert_upload(connection, certificate_file, test_string): ''' upload a new or updated Red Hat content certificate ''' Expect.ping_pong(connection, "rhui-manager cert upload --cert " + certificate_file, test_string)
def packages_upload(connection, repo_id, package): ''' upload a package to the custom repo ''' Expect.ping_pong( connection, "rhui-manager packages upload --repo_id " + repo_id + " --packages " + package, package + " successfully uploaded")
def test_13_install_unsigned_pkg(): ''' try installing the unsigned package, should not work ''' Expect.ping_pong( CLI, "yum -y install %s" % UNSIGNED_PACKAGE, "Package %s-1-1.noarch.rpm is not signed" % UNSIGNED_PACKAGE) Expect.expect_retval(CLI, "rpm -q %s" % UNSIGNED_PACKAGE, 1)
def repo_add(connection, repo): ''' add a repo specified by its product name ''' Expect.ping_pong( connection, "rhui-manager repo add --product_name \"" + repo + "\"", "Successfully added")
def repo_add_by_repo(connection, repo_ids): ''' add a repo specified by its ID ''' Expect.ping_pong( connection, "rhui-manager repo add_by_repo --repo_ids " + ",".join(repo_ids), "Successfully added")
def test_11_check_updateinfo(self): ''' check if the expected update info is found ''' # yum should print Update ID : RHXA-YYYY:NNNNN # dnf should print Update ID: RHXA-YYYY:NNNNN Expect.ping_pong(CLI, "yum updateinfo info", "Update ID ?: %s" % self.test["errata"])
def test_11_run_command(self): ''' run a test command (uname) in the RH container ''' if not self.cli_supported: raise nose.exc.SkipTest("Not supported on RHEL %s" % self.cli_os_version) Expect.ping_pong(CLI, "docker run %s uname" % self.container_id, "Linux")
def client_cert(connection, repo_labels, name, days, directory): ''' generate an entitlement certificate ''' Expect.ping_pong( connection, "rhui-manager client cert --repo_label %s " % ",".join(repo_labels) + "--name %s --days %s --dir %s" % (name, str(days), directory), "Entitlement certificate created at %s/%s.crt" % (directory, name))
def client_cert(connection, repo_labels, name, days, dir): ''' generate an entitlement certificate ''' Expect.ping_pong( connection, "rhui-manager client cert --repo_label " + ",".join(repo_labels) + " --name " + name + " --days " + str(days) + " --dir " + dir, "Entitlement certificate created at " + dir + "/" + name + ".crt")
def test_00_rhui_init(): ''' add a CDS and run rhui-subscription-sync to ensure their log files exist ''' # use initial_run first to ensure we're logged in to rhui-manager RHUIManager.initial_run(CONNECTION_RHUA) RHUIManagerInstance.add_instance(CONNECTION_RHUA, "cds") # can't use expect_retval as the exit code can be 0 or 1 (sync is configured or unconfigured) Expect.ping_pong(CONNECTION_RHUA, "rhui-subscription-sync ; echo ACK", "ACK")
def install_rpm_from_rhua(rhua_connection, connection, rpmpath): ''' Transfer RPM package from RHUA host to the instance and install it @param rpmpath: path to RPM package on RHUA node ''' tfile = tempfile.NamedTemporaryFile(delete=False) tfile.close() rhua_connection.sftp.get(rpmpath, tfile.name) connection.sftp.put(tfile.name, tfile.name + ".rpm") os.unlink(tfile.name) Expect.ping_pong(connection, "rpm -i " + tfile.name + ".rpm" + " && echo SUCCESS", "[^ ]SUCCESS", 60)
def test_14_install_2nd_signed_pkg(): ''' try installing the package signed with the key unknown to the client, should not work ''' # dnf in RHEL 8.0 produces a different message rhel = Util.get_rhel_version(CLI) if rhel["major"] == 8 and rhel["minor"] == 0: output = "Public key for %s-1-1.noarch.rpm is not installed" % SIGNED_PACKAGE_SIG2 else: output = "The GPG keys.*%s.*are not correct for this package" % REPO Expect.ping_pong(CLI, "yum -y install %s" % SIGNED_PACKAGE_SIG2, output) Expect.expect_retval(CLI, "rpm -q %s" % SIGNED_PACKAGE_SIG2, 1)
def test_99_cleanup(): '''Cleanup: Delete all repositories from RHUI (interactively; not currently supported by the CLI), remove certs and other files''' RHUIManagerRepo.delete_all_repos(CONNECTION) nose.tools.assert_equal(RHUIManagerRepo.list(CONNECTION), []) RHUIManager.remove_rh_certs(CONNECTION) Expect.ping_pong(CONNECTION, "rm -rf /tmp/atomic_and_my* ; " + "ls /tmp/atomic_and_my* 2>&1", "No such file or directory") Expect.ping_pong(CONNECTION, "rm -f /tmp/repos.std{out,err} ; " + "ls /tmp/repos.std{out,err} 2>&1", "No such file or directory") rmtree(TMPDIR)
def repo_sync(connection, repo_id, repo_name): ''' sync a repo ''' Expect.ping_pong( connection, "rhui-manager repo sync --repo_id " + repo_id, "successfully scheduled for the next available timeslot") repo_status = RHUIManagerCLI.get_repo_status(connection, repo_name) while repo_status in ["Never", "Running", "Unknown"]: time.sleep(10) repo_status = RHUIManagerCLI.get_repo_status(connection, repo_name) nose.tools.assert_equal(repo_status, "Success")
def validate_repo_list(connection, repo_ids): ''' check if only the given repo IDs are listed ''' Expect.expect_retval( connection, "rhui-manager repo list | grep -v 'ID.*Repository Name$' | grep :: | cut -d ' ' -f 1 | sort > /tmp/actual_repo_list && echo \"" + "\n".join(sorted(repo_ids)) + "\" > /tmp/expected_repo_list && cmp /tmp/actual_repo_list /tmp/expected_repo_list" ) Expect.ping_pong(connection, "rm -f /tmp/*_repo_list ; ls /tmp/*_repo_list 2>&1", "No such file or directory")
def check_package_url(connection, package, path=""): ''' verify that the package is available from the RHUI (and not from an unwanted repo) ''' # The name of the test package may contain characters which must be escaped in REs. # In modern pulp-rpm versions, packages are in .../Packages/<first letter (lowercase)>/, # and the URL can be .../os/...NVR or .../os//...NVR, so let's tolerate anything between # the path and the package name. The path is optional, though; if you don't know it or # don't care about it, call this method with the mandatory arguments only. package_escaped = re.escape(package) Expect.ping_pong(connection, "yumdownloader --url %s" % package_escaped, "https://%s/pulp/repos/%s.*%s" % \ (ConMgr.get_cds_lb_hostname(), path, package_escaped))
def test_17_missing_cert_handling(): '''check if rhui-manager can handle the loss of the RH cert''' # for RHBZ#1325390 RHUIManagerEntitlements.upload_rh_certificate(RHUA) # launch rhui-manager in one connection, delete the cert in the other RHUIManager.screen(RHUA, "repo") RHUIManager.remove_rh_certs(RHUA_2) Expect.enter(RHUA, "a") # a bit strange response to see in this context, but eh, no == all if you're a geek Expect.expect( RHUA, "All entitled products are currently deployed in the RHUI") Expect.enter(RHUA, "q") # an error message should be logged, though Expect.ping_pong(RHUA, "tail /root/.rhui/rhui.log", "The entitlement.*has no associated certificate")
def client_rpm(connection, certdata, rpmdata, directory, unprotected_repos=None, proxy=""): ''' generate a client configuration RPM The certdata argument must be a list, and two kinds of data are supported: * key path and cert path (full paths, starting with "/"), or * one or more repo labels and optionally an integer denoting the number of days the cert will be valid for; if unspecified, rhui-manager will use 365. In this case, a certificate will be generated on the fly. The rpmdata argument must be a list with one, two or three strings: * package name: the name for the RPM * package version: string denoting the version; if unspecified, rhui-manager will use 2.0 * package release: string denoting the release; if unspecified, rhui-manager will use 1 ''' cmd = "rhui-manager client rpm" if certdata[0].startswith("/"): cmd += " --private_key %s --entitlement_cert %s" % (certdata[0], certdata[1]) else: cmd += " --cert" if isinstance(certdata[-1], int): cmd += " --days %s" % certdata.pop() cmd += " --repo_label %s" % ",".join(certdata) cmd += " --rpm_name %s" % rpmdata[0] if len(rpmdata) > 1: cmd += " --rpm_version %s" % rpmdata[1] if len(rpmdata) > 2: cmd += " --rpm_release %s" % rpmdata[2] else: rpmdata.append("1") else: rpmdata.append("2.0") rpmdata.append("1") cmd += " --dir %s" % directory if unprotected_repos: cmd += " --unprotected_repos %s" % ",".join(unprotected_repos) if proxy: cmd += " --proxy %s" % proxy Expect.ping_pong(connection, cmd, "Location: %s/%s-%s/build/RPMS/noarch/%s-%s-%s.noarch.rpm" % \ (directory, rpmdata[0], rpmdata[1], rpmdata[0], rpmdata[1], rpmdata[2]))
def test_99_cleanup(): ''' delete the archives and their checksum files, local caches; remove CDS ''' with open(SOSREPORT_LOCATION_RHUA) as location: sosreport_file = location.read() Expect.ping_pong( CONNECTION_RHUA, "rm -f " + sosreport_file + "* ; " + "ls " + sosreport_file + "* 2>&1", "No such file or directory") with open(SOSREPORT_LOCATION_CDS) as location: sosreport_file = location.read() Expect.ping_pong( CONNECTION_CDS, "rm -f " + sosreport_file + "* ; " + "ls " + sosreport_file + "* 2>&1", "No such file or directory") rmtree(TMPDIR) RHUIManagerInstance.delete_all(CONNECTION_RHUA, "cds")
def client_rpm(connection, private_key, entitlement_cert, rpm_version, rpm_name, dir, unprotected_repos=[]): ''' generate a client configuration RPM ''' Expect.ping_pong( connection, "rhui-manager client rpm --private_key " + private_key + " --entitlement_cert " + entitlement_cert + " --rpm_version " + rpm_version + " --rpm_name " + rpm_name + " --dir " + dir + "%s" % (" --unprotected_repos " + ",".join(unprotected_repos) if len(unprotected_repos) > 0 else ""), "RPMs can be found at " + dir)
def test_16_release_handling(): ''' check EUS release handling (working with /etc/yum/vars/releasever on the client) ''' # for RHBZ#1504229 Expect.expect_retval(CLI, "rhui-set-release --set 7.5") Expect.expect_retval(CLI, "[[ $(</etc/yum/vars/releasever) == 7.5 ]]") Expect.expect_retval(CLI, "[[ $(rhui-set-release) == 7.5 ]]") Expect.expect_retval(CLI, "rhui-set-release -s 6.5") Expect.expect_retval(CLI, "[[ $(</etc/yum/vars/releasever) == 6.5 ]]") Expect.expect_retval(CLI, "[[ $(rhui-set-release) == 6.5 ]]") Expect.expect_retval(CLI, "rhui-set-release -u") Expect.expect_retval(CLI, "test -f /etc/yum/vars/releasever", 1) Expect.expect_retval(CLI, "rhui-set-release -s 7.1") Expect.expect_retval(CLI, "[[ $(</etc/yum/vars/releasever) == 7.1 ]]") Expect.expect_retval(CLI, "[[ $(rhui-set-release) == 7.1 ]]") Expect.expect_retval(CLI, "rhui-set-release --unset") Expect.expect_retval(CLI, "test -f /etc/yum/vars/releasever", 1) Expect.expect_retval(CLI, "rhui-set-release foo", 1) Expect.ping_pong(CLI, "rhui-set-release --help", "Usage:") Expect.ping_pong(CLI, "rhui-set-release -h", "Usage:")
def test_43_upload_semi_bad_cert(self): '''check that a partially invalid certificate can still be accepted''' # for RHBZ#1588931 & RHBZ#1584527 # delete currently used certificates and repos first RHUIManager.remove_rh_certs(RHUA) for repo in CUSTOM_REPOS + self.yum_repo_ids: RHUIManagerCLI.repo_delete(RHUA, repo) repolist = RHUIManagerCLI.repo_list(RHUA, True) nose.tools.ok_(not repolist, msg="can't continue as some repos remain: %s" % repolist) # try uploading the cert now cert = "%s/%s" % (DATADIR, CERTS["partial"]) if Util.cert_expired(RHUA, cert): raise nose.exc.SkipTest( "The given certificate has already expired.") RHUIManagerCLI.cert_upload(RHUA, cert) # the RHUI log must contain the fact that an invalid path was found in the cert Expect.ping_pong(RHUA, "tail /root/.rhui/rhui.log", "Invalid entitlement path") RHUIManager.remove_rh_certs(RHUA)
def test_03_restart_services_script(): ''' try the rhui-services-restart script ''' # for RHBZ#1539105 Expect.ping_pong(RHUA, "rhui-services-restart --help", "Usage:") # fetch current service PIDs # use 0 if a PID file doesn't exist (the service isn't running) _, stdout, _ = RHUA.exec_command("for pidfile in %s; do cat $pidfile || echo 0; done" % \ " ".join(RHUI_SERVICE_PIDFILES)) old_pids = list(map(int, stdout.read().decode().splitlines())) # restart Expect.expect_retval(RHUA, "rhui-services-restart", timeout=30) # fetch new service PIDs _, stdout, _ = RHUA.exec_command("for pidfile in %s; do cat $pidfile || echo 0; done" % \ " ".join(RHUI_SERVICE_PIDFILES)) new_pids = list(map(int, stdout.read().decode().splitlines())) # the new PIDs must differ and mustn't be 0, which would mean the pidfile couldn't be read # (which would mean the service didn't (re)start) for i in range(len(RHUI_SERVICE_PIDFILES)): nose.tools.ok_(new_pids[i] != old_pids[i], msg="not all the RHUI services restarted") nose.tools.ok_(new_pids[i] > 0, msg="not all the RHUI services started")
def client_content_source(connection, certdata, rpmdata, directory): ''' generate an alternate source config rpm (very similar to client_rpm() -- see the usage described there) ''' cmd = "rhui-manager client content_source" if certdata[0].startswith("/"): cmd += " --private_key %s --entitlement_cert %s" % (certdata[0], certdata[1]) else: cmd += " --cert" if isinstance(certdata[-1], int): cmd += " --days %s" % certdata.pop() cmd += " --repo_label %s" % ",".join(certdata) cmd += " --rpm_name %s" % rpmdata[0] if len(rpmdata) > 1: cmd += " --rpm_version %s" % rpmdata[1] else: rpmdata.append("2.0") cmd += " --dir %s" % directory Expect.ping_pong(connection, cmd, "Location: %s/%s-%s/build/RPMS/noarch/%s-%s-1.noarch.rpm" % \ (directory, rpmdata[0], rpmdata[1], rpmdata[0], rpmdata[1]))
def test_99_cleanup(self): '''cleanup: remove repos and temporary files''' RHUIManagerCLI.repo_delete(RHUA, self.product["id"]) RHUIManager.remove_rh_certs(RHUA) Expect.ping_pong( RHUA, "rm -rf /tmp/%s* ; " % CLI_CFG[0] + "ls /tmp/%s* 2>&1" % CLI_CFG[0], "No such file or directory") Expect.ping_pong( RHUA, "rm -f /tmp/repos.std{out,err} ; " + "ls /tmp/repos.std{out,err} 2>&1", "No such file or directory") Expect.ping_pong( RHUA, "rm -rf /tmp/%s* ; " % ALT_CONTENT_SRC_NAME + "ls /tmp/%s* 2>&1" % ALT_CONTENT_SRC_NAME, "No such file or directory") rmtree(TMPDIR)
def test_23_upload_expired_entitlement_certificate(): '''Bonus: Check expired certificate handling''' # currently, an error occurs RHUIManagerCLI.cert_upload(CONNECTION, "/tmp/extra_rhui_files/rhcert_expired.pem", "An unexpected error has occurred during the last operation") # a relevant traceback is logged, though; check it Expect.ping_pong(CONNECTION, "tail -1 /root/.rhui/rhui.log", "InvalidOrExpiredCertificate")
def cert_expiration(connection): ''' check if the certificate expiration date is OK ''' Expect.ping_pong(connection, "rhui-manager status", "Entitlement CA certificate expiration date.*OK")
def repo_list(connection, repo_id, repo_name): ''' check if the given repo ID and name are listed ''' Expect.ping_pong(connection, "rhui-manager repo list", repo_id + " *:: " + Util.esc_parentheses(repo_name))