Add test for pki-server subsystem-show

edewata · Feb 15, 2024 · de64c32 · de64c32
1 parent 5854126
commit de64c32
Show file tree

Hide file tree

Showing 3 changed files with 58 additions and 3 deletions.
diff --git a/.github/workflows/ipa-tests.yml b/.github/workflows/ipa-tests.yml
@@ -77,12 +77,66 @@ jobs:
               -r EXAMPLE.COM \
               -p Secret.123 \
               -a Secret.123 \
-              --setup-kra \
               --no-host-dns \
               --no-ntp
           docker exec ipa bash -c "echo Secret.123 | kinit admin"
           docker exec ipa ipa ping
 
+      - name: Check webapps
+        run: |
+          docker exec ipa pki-server webapp-find | tee output
+
+          echo "ROOT" > expected
+          echo "acme" >> expected
+          echo "ca" >> expected
+          echo "pki" >> expected
+          sed -n 's/^ *Webapp ID: *\(.*\)$/\1/p' output > actual
+          diff expected actual
+
+      - name: Check subsystems
+        run: |
+          docker exec ipa ls -la /etc/pki/pki-tomcat
+          docker exec ipa ls -la /var/lib/pki/pki-tomcat
+          docker exec ipa ls -la /var/log/pki/pki-tomcat
+
+          docker exec ipa ls -la /etc/pki/pki-tomcat/ca
+          docker exec ipa ls -la /var/lib/pki/pki-tomcat/ca
+          docker exec ipa ls -la /var/log/pki/pki-tomcat/ca
+
+          docker exec ipa pki-server subsystem-find | tee output
+
+          echo "ca" > expected
+          sed -n 's/^ *Subsystem ID: *\(.*\)$/\1/p' output > actual
+          diff expected actual
+
+          docker exec ipa pki-server subsystem-show ca | tee output
+
+          # CA subsystem should be enabled
+          echo "True" > expected
+          sed -n 's/^ *Enabled: *\(.*\)$/\1/p' output > actual
+          diff expected actual
+
+
+          # KRA subsystem should not exist
+          docker exec ipa pki-server subsystem-show kra \
+              > >(tee stdout) 2> >(tee stderr >&2) || true
+
+          echo "ERROR: No kra subsystem in instance pki-tomcat." > expected
+          diff expected stderr
+
+          docker exec ipa mkdir -p /var/log/pki/pki-tomcat/kra
+
+          # KRA subsystem should be disabled
+          echo "False" > expected
+          sed -n 's/^ *Enabled: *\(.*\)$/\1/p' output > actual
+          diff expected actual
+
+          docker exec ipa rm -rf /var/log/pki/pki-tomcat/kra
+
+      - name: Install KRA
+        run: |
+          docker exec ipa ipa-kra-install -p Secret.123
+
       - name: Verify CA admin in IPA container
         run: |
           docker exec ipa pki-server cert-export ca_signing --cert-file ca_signing.crt

diff --git a/.gitignore b/.gitignore
@@ -12,3 +12,4 @@ tests/artifacts/
 tests/tests.retry
 base/util/test/PKICertImport/dbs
 target/
+.flattened-pom.xml
diff --git a/base/server/python/pki/server/cli/subsystem.py b/base/server/python/pki/server/cli/subsystem.py
@@ -190,7 +190,7 @@ def execute(self, argv):
 
         subsystem = instance.get_subsystem(subsystem_name)
         if not subsystem:
-            logger.error('ERROR: No %s subsystem in instance %s.',
+            logger.error('No %s subsystem in instance %s.',
                          subsystem_name, instance_name)
             sys.exit(1)
 
@@ -765,7 +765,7 @@ def execute(self, argv):
 
         subsystem = instance.get_subsystem(subsystem_name)
         if not subsystem:
-            logger.error('ERROR: No %s subsystem in instance %s.',
+            logger.error('No %s subsystem in instance %s.',
                          subsystem_name, instance_name)
             sys.exit(1)
         cert = subsystem.get_subsystem_cert(cert_id)