URL: https://github.com/freeipa/freeipa/pull/333
Author: pspacek
 Title: #333: Remove named-pkcs11 workarounds from DNSSEC tests.
Action: synchronized

To pull the PR as Git branch:
git remote add ghfreeipa https://github.com/freeipa/freeipa
git fetch ghfreeipa pull/333/head:pr333
git checkout pr333
From c433291234be6f1d51197b94bdaf8202c342b663 Mon Sep 17 00:00:00 2001
From: Petr Spacek <pspa...@redhat.com>
Date: Tue, 13 Dec 2016 16:43:52 +0100
Subject: [PATCH] Remove named-pkcs11 workarounds from DNSSEC tests.

As far as I can tell the tests are passing for some time in Jenkins so
maybe a bug in some underlying component was fixed. Let's remove
workarounds to make tests actually test real setups.

https://fedorahosted.org/freeipa/ticket/5348
---
 ipatests/test_integration/test_dnssec.py | 82 --------------------------------
 1 file changed, 82 deletions(-)

diff --git a/ipatests/test_integration/test_dnssec.py b/ipatests/test_integration/test_dnssec.py
index 56380dd..1ffa268 100644
--- a/ipatests/test_integration/test_dnssec.py
+++ b/ipatests/test_integration/test_dnssec.py
@@ -6,7 +6,6 @@
 import dns.resolver
 import dns.name
 import time
-import pytest
 
 from ipatests.test_integration.base import IntegrationTest
 from ipatests.test_integration import tasks
@@ -106,7 +105,6 @@ def test_if_zone_is_signed_master(self):
         ]
         self.master.run_command(args)
 
-        tasks.restart_named(self.master, self.replicas[0])
         # test master
         assert wait_until_record_is_signed(
             self.master.ip, test_zone, self.log, timeout=100
@@ -127,7 +125,6 @@ def test_if_zone_is_signed_replica(self):
         ]
         self.replicas[0].run_command(args)
 
-        tasks.restart_named(self.replicas[0])
         # test replica
         assert wait_until_record_is_signed(
             self.replicas[0].ip, test_zone_repl, self.log, timeout=300
@@ -173,7 +170,6 @@ def test_disable_reenable_signing_master(self):
         ]
         self.master.run_command(args)
 
-        tasks.restart_named(self.master)
         # test master
         assert wait_until_record_is_signed(
             self.master.ip, test_zone, self.log, timeout=100
@@ -221,8 +217,6 @@ def test_disable_reenable_signing_replica(self):
         ]
         self.master.run_command(args)
 
-        tasks.restart_named(self.master, self.replicas[0])
-
         # test master
         assert wait_until_record_is_signed(
             self.master.ip, test_zone_repl, self.log, timeout=100
@@ -238,77 +232,6 @@ def test_disable_reenable_signing_replica(self):
         assert dnskey_old != dnskey_new, "DNSKEY should be different"
 
 
-class TestZoneSigningWithoutNamedRestart(IntegrationTest):
-    """Test whether https://fedorahosted.org/freeipa/ticket/5348 is already
-    fixed. If the issue is not fixed, the test will expectedly fail. When
-    fixed, it will pass, which will cause the whole run to become "red"
-    """
-    num_replicas = 1
-    topology = 'star'
-
-    @classmethod
-    def install(cls, mh):
-        tasks.install_master(cls.master, setup_dns=False)
-        args = [
-            "ipa-dns-install",
-            "--dnssec-master",
-            "--forwarder", cls.master.config.dns_forwarder,
-            "-U",
-        ]
-        cls.master.run_command(args)
-
-        tasks.install_replica(cls.master, cls.replicas[0], setup_dns=True)
-
-        # backup trusted key
-        tasks.backup_file(cls.master, paths.DNSSEC_TRUSTED_KEY)
-        tasks.backup_file(cls.replicas[0], paths.DNSSEC_TRUSTED_KEY)
-
-    @classmethod
-    def uninstall(cls, mh):
-        # restore trusted key
-        tasks.restore_files(cls.master)
-        tasks.restore_files(cls.replicas[0])
-
-        super(TestZoneSigningWithoutNamedRestart, cls).uninstall(mh)
-
-    @pytest.mark.xfail(strict=True)
-    def test_sign_root_zone_no_named_restart(self):
-        args = [
-            "ipa", "dnszone-add", root_zone, "--dnssec", "true",
-            "--skip-overlap-check",
-        ]
-        self.master.run_command(args)
-
-        # make BIND happy: add the glue record and delegate zone
-        args = [
-            "ipa", "dnsrecord-add", root_zone, self.master.hostname,
-            "--a-rec=" + self.master.ip
-        ]
-        self.master.run_command(args)
-        args = [
-            "ipa", "dnsrecord-add", root_zone, self.replicas[0].hostname,
-            "--a-rec=" + self.replicas[0].ip
-        ]
-        self.master.run_command(args)
-
-        time.sleep(10)  # sleep a bit until data are provided by bind-dyndb-ldap
-
-        args = [
-            "ipa", "dnsrecord-add", root_zone, self.master.domain.name,
-            "--ns-rec=" + self.master.hostname
-        ]
-        self.master.run_command(args)
-        # test master
-        assert wait_until_record_is_signed(
-            self.master.ip, root_zone, self.log, timeout=100
-        ), "Zone %s is not signed (master)" % root_zone
-
-        # test replica
-        assert wait_until_record_is_signed(
-            self.replicas[0].ip, root_zone, self.log, timeout=300
-        ), "Zone %s is not signed (replica)" % root_zone
-
-
 class TestInstallDNSSECFirst(IntegrationTest):
     """Simple DNSSEC test
 
@@ -367,7 +290,6 @@ def test_sign_root_zone(self):
             "--ns-rec=" + self.master.hostname
         ]
         self.master.run_command(args)
-        tasks.restart_named(self.master, self.replicas[0])
         # test master
         assert wait_until_record_is_signed(
             self.master.ip, root_zone, self.log, timeout=100
@@ -398,7 +320,6 @@ def test_chain_of_trust(self):
             "--ns-rec=" + self.master.hostname
         ]
         self.master.run_command(args)
-        tasks.restart_named(self.master, self.replicas[0])
         # wait until zone is signed
         assert wait_until_record_is_signed(
             self.master.ip, example_test_zone, self.log, timeout=100
@@ -536,7 +457,6 @@ def test_migrate_dnssec_master(self):
 
         self.master.run_command(args)
 
-        tasks.restart_named(self.master, self.replicas[0])
         # wait until zone is signed
         assert wait_until_record_is_signed(
             self.master.ip, example_test_zone, self.log, timeout=100
@@ -593,7 +513,6 @@ def test_migrate_dnssec_master(self):
             "--skip-overlap-check",
         ]
         self.replicas[0].run_command(args)
-        tasks.restart_named(self.master, self.replicas[0])
         # wait until zone is signed
         assert wait_until_record_is_signed(
             self.replicas[0].ip, example2_test_zone, self.log, timeout=100
@@ -626,7 +545,6 @@ def test_migrate_dnssec_master(self):
             "--skip-overlap-check",
         ]
         self.replicas[1].run_command(args)
-        tasks.restart_named(self.replicas[0], self.replicas[1])
         # wait until zone is signed
         assert wait_until_record_is_signed(
             self.replicas[1].ip, example3_test_zone, self.log, timeout=200
-- 
Manage your subscription for the Freeipa-devel mailing list:
https://www.redhat.com/mailman/listinfo/freeipa-devel
Contribute to FreeIPA: http://www.freeipa.org/page/Contribute/Code

Reply via email to