From 699a7d463a5bd99225cad7767de6beee7d628e07 Mon Sep 17 00:00:00 2001 From: Michal Polovka Date: Tue, 6 Oct 2020 10:17:28 +0200 Subject: [PATCH 1/2] ipatests: test_adtrust_install: Adtrust agents are recreated after upgrade Test for adtrust agents being recreated after ipa-upgrade. If adtrust agents are manually removed before an upgrade, they should be automatically recreated after. Related: https://bugzilla.redhat.com/show_bug.cgi?id=1781153 Signed-off-by: Michal Polovka --- .../test_integration/test_adtrust_install.py | 31 +++++++++++++++++++ 1 file changed, 31 insertions(+) diff --git a/ipatests/test_integration/test_adtrust_install.py b/ipatests/test_integration/test_adtrust_install.py index e50f05c682..64ac40c77a 100644 --- a/ipatests/test_integration/test_adtrust_install.py +++ b/ipatests/test_integration/test_adtrust_install.py @@ -272,3 +272,34 @@ def test_ipa_user_s4u2self_pac(self): finally: tasks.kinit_admin(self.master) self.master.run_command(['ipa', 'user-del', user]) + + def test_adtrust_agents_are_recreated_after_upgrade(self): + """Test if adtrust agents, which are removed form LDAP prior to + an upgrade, are recreated after the upgrade""" + passwd = 'Secret123' + host = self.replicas[0] + self.unconfigure_replica_as_agent(host) + res = self.master.run_command(['ipa-adtrust-install', + '--add-agents', '--add-sids', + '-a', passwd, '-U']) + assert "Setup complete" in res.stdout_text + + # there is no need to check if trust agents were present prior to + # removal as ldapmodify would return code 16 if they weren't + remove_trust_agents = textwrap.dedent(""" + dn: cn=adtrust agents,cn=sysaccounts,cn=etc,{base_dn} + changetype: modify + delete: member + member: fqdn={hostname},cn=computers,cn=accounts,{base_dn} + """.format(base_dn=host.domain.basedn, hostname=host.hostname)) + tasks.ldapmodify_dm(self.master, remove_trust_agents, + ok_returncode=[0]) + # execute ipa-upgrade + tasks.kinit_admin(self.master) + self.master.run_command(['ipa-server-upgrade', '--force']) + # check if entry was recreated + search_trust_agents = textwrap.dedent(""" + dn: cn=adtrust agents,cn=sysaccounts,cn=etc,{base_dn} + """.format(base_dn=host.domain.basedn)) + tasks.ldapsearch_dm(self.master, host.domain.basedn, + search_trust_agents, ok_returncode=[0]) From 5e30021ac4ff3483e8a482b39a4b47737e02b318 Mon Sep 17 00:00:00 2001 From: Michal Polovka Date: Tue, 6 Oct 2020 10:22:15 +0200 Subject: [PATCH 2/2] temp commit --- .freeipa-pr-ci.yaml | 2 +- ipatests/prci_definitions/temp_commit.yaml | 4 ++-- 2 files changed, 3 insertions(+), 3 deletions(-) diff --git a/.freeipa-pr-ci.yaml b/.freeipa-pr-ci.yaml index abcf8c5b63..8065669008 120000 --- a/.freeipa-pr-ci.yaml +++ b/.freeipa-pr-ci.yaml @@ -1 +1 @@ -ipatests/prci_definitions/gating.yaml \ No newline at end of file +ipatests/prci_definitions/temp_commit.yaml \ No newline at end of file diff --git a/ipatests/prci_definitions/temp_commit.yaml b/ipatests/prci_definitions/temp_commit.yaml index ef2e4bfa90..368159422a 100644 --- a/ipatests/prci_definitions/temp_commit.yaml +++ b/ipatests/prci_definitions/temp_commit.yaml @@ -68,7 +68,7 @@ jobs: class: RunPytest args: build_url: '{fedora-latest/build_url}' - test_suite: test_integration/test_REPLACEME.py + test_suite: test_integration/test_adtrust_install.py template: *ci-master-latest timeout: 3600 - topology: *master_1repl_1client + topology: *master_1repl