From de64c3245d03c9443ebba260da4b46985daf0938 Mon Sep 17 00:00:00 2001 From: "Endi S. Dewata" Date: Wed, 14 Feb 2024 16:50:09 -0600 Subject: [PATCH] Add test for pki-server subsystem-show --- .github/workflows/ipa-tests.yml | 56 ++++++++++++++++++- .gitignore | 1 + .../server/python/pki/server/cli/subsystem.py | 4 +- 3 files changed, 58 insertions(+), 3 deletions(-) diff --git a/.github/workflows/ipa-tests.yml b/.github/workflows/ipa-tests.yml index cb8a9b5cd11..95a535ce671 100644 --- a/.github/workflows/ipa-tests.yml +++ b/.github/workflows/ipa-tests.yml @@ -77,12 +77,66 @@ jobs: -r EXAMPLE.COM \ -p Secret.123 \ -a Secret.123 \ - --setup-kra \ --no-host-dns \ --no-ntp docker exec ipa bash -c "echo Secret.123 | kinit admin" docker exec ipa ipa ping + - name: Check webapps + run: | + docker exec ipa pki-server webapp-find | tee output + + echo "ROOT" > expected + echo "acme" >> expected + echo "ca" >> expected + echo "pki" >> expected + sed -n 's/^ *Webapp ID: *\(.*\)$/\1/p' output > actual + diff expected actual + + - name: Check subsystems + run: | + docker exec ipa ls -la /etc/pki/pki-tomcat + docker exec ipa ls -la /var/lib/pki/pki-tomcat + docker exec ipa ls -la /var/log/pki/pki-tomcat + + docker exec ipa ls -la /etc/pki/pki-tomcat/ca + docker exec ipa ls -la /var/lib/pki/pki-tomcat/ca + docker exec ipa ls -la /var/log/pki/pki-tomcat/ca + + docker exec ipa pki-server subsystem-find | tee output + + echo "ca" > expected + sed -n 's/^ *Subsystem ID: *\(.*\)$/\1/p' output > actual + diff expected actual + + docker exec ipa pki-server subsystem-show ca | tee output + + # CA subsystem should be enabled + echo "True" > expected + sed -n 's/^ *Enabled: *\(.*\)$/\1/p' output > actual + diff expected actual + + + # KRA subsystem should not exist + docker exec ipa pki-server subsystem-show kra \ + > >(tee stdout) 2> >(tee stderr >&2) || true + + echo "ERROR: No kra subsystem in instance pki-tomcat." > expected + diff expected stderr + + docker exec ipa mkdir -p /var/log/pki/pki-tomcat/kra + + # KRA subsystem should be disabled + echo "False" > expected + sed -n 's/^ *Enabled: *\(.*\)$/\1/p' output > actual + diff expected actual + + docker exec ipa rm -rf /var/log/pki/pki-tomcat/kra + + - name: Install KRA + run: | + docker exec ipa ipa-kra-install -p Secret.123 + - name: Verify CA admin in IPA container run: | docker exec ipa pki-server cert-export ca_signing --cert-file ca_signing.crt diff --git a/.gitignore b/.gitignore index f210651f03a..08c3caede3e 100644 --- a/.gitignore +++ b/.gitignore @@ -12,3 +12,4 @@ tests/artifacts/ tests/tests.retry base/util/test/PKICertImport/dbs target/ +.flattened-pom.xml diff --git a/base/server/python/pki/server/cli/subsystem.py b/base/server/python/pki/server/cli/subsystem.py index 9de3f2f33bd..0216cb26716 100644 --- a/base/server/python/pki/server/cli/subsystem.py +++ b/base/server/python/pki/server/cli/subsystem.py @@ -190,7 +190,7 @@ def execute(self, argv): subsystem = instance.get_subsystem(subsystem_name) if not subsystem: - logger.error('ERROR: No %s subsystem in instance %s.', + logger.error('No %s subsystem in instance %s.', subsystem_name, instance_name) sys.exit(1) @@ -765,7 +765,7 @@ def execute(self, argv): subsystem = instance.get_subsystem(subsystem_name) if not subsystem: - logger.error('ERROR: No %s subsystem in instance %s.', + logger.error('No %s subsystem in instance %s.', subsystem_name, instance_name) sys.exit(1) cert = subsystem.get_subsystem_cert(cert_id)