URL: https://github.com/freeipa/freeipa/pull/1362
Author: tomaskrizek
Title: #1362: Travis CI failures: Revert PR#1047
Action: opened
PR body:
"""
PR#1047 was recently merged, but it was tested 2 months ago. The Travis CI
passed, because it used older docker image. Once this was merged, it started to
cause failures with the new image.
It is causing failures in Travis CI in our master branch. This is an attempt to
hotfix the issue. If merged, we should reopen #1047 and test it properly
(rebase, fix issues etc.).
"""
To pull the PR as Git branch:
git remote add ghfreeipa https://github.com/freeipa/freeipa
git fetch ghfreeipa pull/1362/head:pr1362
git checkout pr1362
From 54ac25bb539e6d0cd24d659b280c1eb45e7d7120 Mon Sep 17 00:00:00 2001
From: Tomas Krizek <tkri...@redhat.com>
Date: Wed, 6 Dec 2017 12:07:26 +0100
Subject: [PATCH 1/3] Revert "If the cafile is not present or readable then
raise an exception"
This reverts commit 01bfe2247e2297e9e0a55fb1baa0078525747c33, which is
part of PR#1047. This PR wasn't properly tested with the newest docker
image and causes failing jobs in Travis CI.
---
ipalib/util.py | 4 ----
1 file changed, 4 deletions(-)
diff --git a/ipalib/util.py b/ipalib/util.py
index 7d00d48454..f42d58b62a 100644
--- a/ipalib/util.py
+++ b/ipalib/util.py
@@ -313,10 +313,6 @@ def create_https_connection(
raise RuntimeError("cafile argument is required to perform server "
"certificate verification")
- if not os.path.isfile(cafile) or not os.access(cafile, os.R_OK):
- raise RuntimeError("cafile \'{file}\' doesn't exist or is unreadable".
- format(file=cafile))
-
# remove the slice of negating protocol options according to options
tls_span = get_proper_tls_version_span(tls_version_min, tls_version_max)
From 86ea6b2a1110c5f74c736761af925c1f3f6fb91d Mon Sep 17 00:00:00 2001
From: Tomas Krizek <tkri...@redhat.com>
Date: Wed, 6 Dec 2017 12:07:46 +0100
Subject: [PATCH 2/3] Revert "Add test to ensure that properties are being set
in rpcclient"
This reverts commit e8a26afb94e57ce08efad60ed9684bc58b9b1c58, which is
part of PR#1047. This PR wasn't properly tested with the newest docker
image and causes failing jobs in Travis CI.
---
ipatests/test_ipalib/test_rpc.py | 51 ----------------------------------------
1 file changed, 51 deletions(-)
diff --git a/ipatests/test_ipalib/test_rpc.py b/ipatests/test_ipalib/test_rpc.py
index d743a1b7c5..7fe058092d 100644
--- a/ipatests/test_ipalib/test_rpc.py
+++ b/ipatests/test_ipalib/test_rpc.py
@@ -28,10 +28,8 @@
# pylint: disable=import-error
from six.moves.xmlrpc_client import Binary, Fault, dumps, loads
# pylint: enable=import-error
-from six.moves import urllib
from ipatests.util import raises, assert_equal, PluginTester, DummyClass
-from ipatests.util import Fuzzy
from ipatests.data import binary_bytes, utf8_bytes, unicode_str
from ipalib.frontend import Command
from ipalib.request import context, Connection
@@ -343,52 +341,3 @@ def test_help_many_params(self):
"command 'system.methodHelp' takes at most 1 argument")
else:
raise AssertionError('did not raise')
-
-
-class test_rpcclient_context(PluginTester):
- """
- Test the context in `ipalib.rpc.rpcclient` plugin.
- """
- def setup(self):
- try:
- api.Backend.rpcclient.connect(ca_certfile='foo')
- except (errors.NetworkError, IOError):
- raise nose.SkipTest('%r: Server not available: %r' %
- (__name__, api.env.xmlrpc_uri))
-
- def teardown(self):
- if api.Backend.rpcclient.isconnected():
- api.Backend.rpcclient.disconnect()
-
- def test_context_cafile(self):
- """
- Test that ca_certfile is set in `ipalib.rpc.rpcclient.connect`
- """
- ca_certfile = getattr(context, 'ca_certfile', None)
- assert_equal(ca_certfile, 'foo')
-
- def test_context_principal(self):
- """
- Test that principal is set in `ipalib.rpc.rpcclient.connect`
- """
- principal = getattr(context, 'principal', None)
- assert_equal(principal, 'admin@%s' % api.env.realm)
-
- def test_context_request_url(self):
- """
- Test that request_url is set in `ipalib.rpc.rpcclient.connect`
- """
- request_url = getattr(context, 'request_url', None)
- assert_equal(request_url, 'https://%s/ipa/session/json' % api.env.host)
-
- def test_context_session_cookie(self):
- """
- Test that session_cookie is set in `ipalib.rpc.rpcclient.connect`
- """
- fuzzy_cookie = Fuzzy('^ipa_session=MagBearerToken=[A-Za-z0-9+\/]+=*;$')
-
- session_cookie = getattr(context, 'session_cookie', None)
- # pylint-2 is incorrectly spewing Too many positional arguments
- # pylint: disable=E1121
- unquoted = urllib.parse.unquote(session_cookie)
- assert(unquoted == fuzzy_cookie)
From cb4da4ea071c008ac2e4375b2080b287707ae04a Mon Sep 17 00:00:00 2001
From: Tomas Krizek <tkri...@redhat.com>
Date: Wed, 6 Dec 2017 12:07:47 +0100
Subject: [PATCH 3/3] Revert "Use the CA chain file from the RPC context"
This reverts commit 17bda0b1a532ff2ac8503187e2d6e648f63d427f, which is
part of PR#1047. This PR wasn't properly tested with the newest docker
image and causes failing jobs in Travis CI.
---
ipalib/rpc.py | 2 +-
1 file changed, 1 insertion(+), 1 deletion(-)
diff --git a/ipalib/rpc.py b/ipalib/rpc.py
index 4b5de90d2d..de3dd9d16b 100644
--- a/ipalib/rpc.py
+++ b/ipalib/rpc.py
@@ -561,7 +561,7 @@ def make_connection(self, host):
conn = create_https_connection(
host, 443,
- getattr(context, 'ca_certfile', None),
+ api.env.tls_ca_cert,
tls_version_min=api.env.tls_version_min,
tls_version_max=api.env.tls_version_max)
_______________________________________________
FreeIPA-devel mailing list -- freeipa-devel@lists.fedorahosted.org
To unsubscribe send an email to freeipa-devel-le...@lists.fedorahosted.org
