Patch attached.
From 43df42f7659e25c38ad83ebf11777d4c103ceeec Mon Sep 17 00:00:00 2001
From: Martin Basti <mba...@redhat.com>
Date: Tue, 8 Sep 2015 13:08:31 +0200
Subject: [PATCH] backup CI: test DNS/DNSSEC after backup and restore

---
 ipatests/test_integration/tasks.py                 | 23 ++++++
 .../test_integration/test_backup_and_restore.py    | 81 ++++++++++++++++++++++
 2 files changed, 104 insertions(+)

diff --git a/ipatests/test_integration/tasks.py b/ipatests/test_integration/tasks.py
index 820507022e6b5e8cc7a57c66c7f9e8e8b1500c7e..06049d4ae01332e0af4d8775b745342406fc868d 100644
--- a/ipatests/test_integration/tasks.py
+++ b/ipatests/test_integration/tasks.py
@@ -26,6 +26,7 @@ import collections
 import itertools
 import time
 import StringIO
+import dns
 
 from ldif import LDIFWriter
 
@@ -801,3 +802,25 @@ def add_a_record(master, host):
                             master.domain.name,
                             host.hostname,
                             '--a-rec', host.ip])
+
+
+def resolve_record(nameserver, query, rtype="SOA", retry=True, timeout=100):
+    """Resolve DNS record
+    :retry: if resolution failed try again until timeout is reached
+    :timeout: max period of time while method will try to resolve query
+     (requires retry=True)
+    """
+    res = dns.resolver.Resolver()
+    res.nameservers = [nameserver]
+    res.lifetime = 10  # wait max 10 seconds for reply
+
+    wait_until = time.time() + timeout
+
+    while time.time() < wait_until:
+        try:
+            ans = res.query(query, rtype)
+            return ans
+        except dns.exception.DNSException:
+            if not retry:
+                raise
+        time.sleep(1)
diff --git a/ipatests/test_integration/test_backup_and_restore.py b/ipatests/test_integration/test_backup_and_restore.py
index 0ce1aaf29f76fec207b6ac64fab81190dae12e7f..7aa42ab4c044b75aed9fda5a920b0f508dc79847 100644
--- a/ipatests/test_integration/test_backup_and_restore.py
+++ b/ipatests/test_integration/test_backup_and_restore.py
@@ -27,6 +27,7 @@ from ipapython.ipa_log_manager import log_mgr
 from ipapython.dn import DN
 from ipatests.test_integration.base import IntegrationTest
 from ipatests.test_integration import tasks
+from ipatests.test_integration.test_dnssec import wait_until_record_is_signed
 from ipatests.util import assert_deepequal
 
 log = log_mgr.get_logger(__name__)
@@ -206,3 +207,83 @@ class TestBackupAndRestore(IntegrationTest):
         ])
         assert 'httpd_can_network_connect --> on' in result.stdout_text
         assert 'httpd_manage_ipa --> on' in result.stdout_text
+
+
+class TestBackupAndRestoreWithDNS(IntegrationTest):
+    topology = 'star'
+
+    example_test_zone = "example.test."
+
+    @classmethod
+    def install(cls, mh):
+        tasks.install_master(cls.master, setup_dns=True)
+
+
+    def test_full_backup_and_restore_with_DNS_zone(self):
+        """backup, uninstall, restore"""
+        with restore_checker(self.master):
+
+            self.master.run_command([
+                'ipa', 'dnszone-add',
+                self.example_test_zone,
+            ])
+
+            tasks.resolve_record(self.master.ip, self.example_test_zone)
+
+            backup_path = backup(self.master)
+
+            self.master.run_command(['ipa-server-install',
+                                     '--uninstall',
+                                     '-U'])
+
+            dirman_password = self.master.config.dirman_password
+            self.master.run_command(['ipa-restore', backup_path],
+                                    stdin_text=dirman_password + '\nyes')
+
+            tasks.resolve_record(self.master.ip, self.example_test_zone)
+
+
+class TestBackupAndRestoreWithDNSSEC(IntegrationTest):
+    topology = 'star'
+
+    example_test_zone = "example.test."
+
+    @classmethod
+    def install(cls, mh):
+        tasks.install_master(cls.master, setup_dns=True)
+        args = [
+            "ipa-dns-install",
+            "--dnssec-master",
+            "--forwarder", cls.master.config.dns_forwarder,
+            "-p", cls.master.config.dirman_password,
+            "-U",
+        ]
+        cls.master.run_command(args)
+
+
+    def test_full_backup_and_restore_with_DNSSEC_zone(self):
+        """backup, uninstall, restore"""
+        with restore_checker(self.master):
+
+            self.master.run_command([
+                'ipa', 'dnszone-add',
+                self.example_test_zone,
+                '--dnssec', 'true',
+            ])
+
+            assert wait_until_record_is_signed(self.master.ip,
+                self.example_test_zone, self.log), "Zone is not signed"
+
+            backup_path = backup(self.master)
+
+            self.master.run_command(['ipa-server-install',
+                                     '--uninstall',
+                                     '-U'])
+
+            dirman_password = self.master.config.dirman_password
+            self.master.run_command(['ipa-restore', backup_path],
+                                    stdin_text=dirman_password + '\nyes')
+
+            assert wait_until_record_is_signed(self.master.ip,
+                self.example_test_zone, self.log), ("Zone is not signed after "
+                                                    "restore")
\ No newline at end of file
-- 
2.4.3

-- 
Manage your subscription for the Freeipa-devel mailing list:
https://www.redhat.com/mailman/listinfo/freeipa-devel
Contribute to FreeIPA: http://www.freeipa.org/page/Contribute/Code

Reply via email to