Re: [Freeipa-devel] [test][patch-0057] test for ticket N 6146 (installing rules with service principals)

2016-11-10 Thread Oleg Fayans 

The patch was added to existing PR:
https://github.com/freeipa/freeipa/pull/224


On 11/08/2016 05:24 PM, Oleg Fayans wrote:

And this one.

On 11/03/2016 09:42 AM, Oleg Fayans wrote:

One more ping for review

On 10/27/2016 02:21 PM, Oleg Fayans wrote:

ping for review

On 10/25/2016 11:29 AM, Oleg Fayans wrote:

The patch was rebased to be able to apply on top of latest version of
certs in idoverrides patch. As before, it requires patches NN 0049 and
0059 to apply

On 08/10/2016 01:46 PM, Oleg Fayans wrote:

Hi Martin,

I am sorry, yes it depends on my patches 0049 and 0050.


On 08/10/2016 12:27 PM, Martin Basti wrote:



On 10.08.2016 10:38, Oleg Fayans wrote:





Hello,

I cannot apply this patch
error: ipatests/test_integration/test_certs_in_idoverrides.py: does
not
exist in index
It probably depends on another patch (which one?)

Please, use human readable subjects in email, I do not remember from
top
of my head what #6146 is.

Martin^2
















--
Oleg Fayans
Quality Engineer
FreeIPA team
RedHat.

--
Manage your subscription for the Freeipa-devel mailing list:
https://www.redhat.com/mailman/listinfo/freeipa-devel
Contribute to FreeIPA: http://www.freeipa.org/page/Contribute/Code

Re: [Freeipa-devel] [test][patch-0057] test for ticket N 6146 (installing rules with service principals)

2016-11-08 Thread Oleg Fayans 

And this one.

On 11/03/2016 09:42 AM, Oleg Fayans wrote:

One more ping for review

On 10/27/2016 02:21 PM, Oleg Fayans wrote:

ping for review

On 10/25/2016 11:29 AM, Oleg Fayans wrote:

The patch was rebased to be able to apply on top of latest version of
certs in idoverrides patch. As before, it requires patches NN 0049 and
0059 to apply

On 08/10/2016 01:46 PM, Oleg Fayans wrote:

Hi Martin,

I am sorry, yes it depends on my patches 0049 and 0050.


On 08/10/2016 12:27 PM, Martin Basti wrote:



On 10.08.2016 10:38, Oleg Fayans wrote:





Hello,

I cannot apply this patch
error: ipatests/test_integration/test_certs_in_idoverrides.py: does
not
exist in index
It probably depends on another patch (which one?)

Please, use human readable subjects in email, I do not remember from
top
of my head what #6146 is.

Martin^2














--
Oleg Fayans
Quality Engineer
FreeIPA team
RedHat.

--
Manage your subscription for the Freeipa-devel mailing list:
https://www.redhat.com/mailman/listinfo/freeipa-devel
Contribute to FreeIPA: http://www.freeipa.org/page/Contribute/Code

Re: [Freeipa-devel] [test][patch-0057] test for ticket N 6146 (installing rules with service principals)

2016-11-03 Thread Oleg Fayans 

One more ping for review

On 10/27/2016 02:21 PM, Oleg Fayans wrote:

ping for review

On 10/25/2016 11:29 AM, Oleg Fayans wrote:

The patch was rebased to be able to apply on top of latest version of
certs in idoverrides patch. As before, it requires patches NN 0049 and
0059 to apply

On 08/10/2016 01:46 PM, Oleg Fayans wrote:

Hi Martin,

I am sorry, yes it depends on my patches 0049 and 0050.


On 08/10/2016 12:27 PM, Martin Basti wrote:



On 10.08.2016 10:38, Oleg Fayans wrote:





Hello,

I cannot apply this patch
error: ipatests/test_integration/test_certs_in_idoverrides.py: does not
exist in index
It probably depends on another patch (which one?)

Please, use human readable subjects in email, I do not remember from
top
of my head what #6146 is.

Martin^2












--
Oleg Fayans
Quality Engineer
FreeIPA team
RedHat.

--
Manage your subscription for the Freeipa-devel mailing list:
https://www.redhat.com/mailman/listinfo/freeipa-devel
Contribute to FreeIPA: http://www.freeipa.org/page/Contribute/Code

Re: [Freeipa-devel] [test][patch-0057] test for ticket N 6146 (installing rules with service principals)

2016-10-30 Thread Oleg Fayans 

ping for review

On 10/25/2016 11:29 AM, Oleg Fayans wrote:

The patch was rebased to be able to apply on top of latest version of
certs in idoverrides patch. As before, it requires patches NN 0049 and
0059 to apply

On 08/10/2016 01:46 PM, Oleg Fayans wrote:

Hi Martin,

I am sorry, yes it depends on my patches 0049 and 0050.


On 08/10/2016 12:27 PM, Martin Basti wrote:



On 10.08.2016 10:38, Oleg Fayans wrote:





Hello,

I cannot apply this patch
error: ipatests/test_integration/test_certs_in_idoverrides.py: does not
exist in index
It probably depends on another patch (which one?)

Please, use human readable subjects in email, I do not remember from top
of my head what #6146 is.

Martin^2










--
Oleg Fayans
Quality Engineer
FreeIPA team
RedHat.

--
Manage your subscription for the Freeipa-devel mailing list:
https://www.redhat.com/mailman/listinfo/freeipa-devel
Contribute to FreeIPA: http://www.freeipa.org/page/Contribute/Code

Re: [Freeipa-devel] [test][patch-0057] test for ticket N 6146 (installing rules with service principals)

2016-08-10 Thread Oleg Fayans 

Hi Martin,

I am sorry, yes it depends on my patches 0049 and 0050.


On 08/10/2016 12:27 PM, Martin Basti wrote:



On 10.08.2016 10:38, Oleg Fayans wrote:





Hello,

I cannot apply this patch
error: ipatests/test_integration/test_certs_in_idoverrides.py: does not
exist in index
It probably depends on another patch (which one?)

Please, use human readable subjects in email, I do not remember from top
of my head what #6146 is.

Martin^2




--
Oleg Fayans
Quality Engineer
FreeIPA team
RedHat.

--
Manage your subscription for the Freeipa-devel mailing list:
https://www.redhat.com/mailman/listinfo/freeipa-devel
Contribute to FreeIPA: http://www.freeipa.org/page/Contribute/Code

Re: [Freeipa-devel] [test][patch-0057] test for ticket N 6146 (installing rules with service principals)

2016-08-10 Thread Martin Basti 



On 10.08.2016 10:38, Oleg Fayans wrote:





Hello,

I cannot apply this patch
error: ipatests/test_integration/test_certs_in_idoverrides.py: does not 
exist in index

It probably depends on another patch (which one?)

Please, use human readable subjects in email, I do not remember from top 
of my head what #6146 is.


Martin^2
-- 
Manage your subscription for the Freeipa-devel mailing list:
https://www.redhat.com/mailman/listinfo/freeipa-devel
Contribute to FreeIPA: http://www.freeipa.org/page/Contribute/Code

[Freeipa-devel] [test][patch-0057] test for ticket N 6146

2016-08-10 Thread Oleg Fayans 


--
Oleg Fayans
Quality Engineer
FreeIPA team
RedHat.
From a33a5aea0f12f63d53ff773b3d5e615b1f582d7f Mon Sep 17 00:00:00 2001
From: Oleg Fayans 
Date: Wed, 10 Aug 2016 10:29:59 +0200
Subject: [PATCH] Test for installing rules with service principals

https://fedorahosted.org/freeipa/ticket/6146
---
 .../test_integration/test_certs_in_idoverrides.py  | 82 ++
 1 file changed, 82 insertions(+)

diff --git a/ipatests/test_integration/test_certs_in_idoverrides.py b/ipatests/test_integration/test_certs_in_idoverrides.py
index 9114c4f91cd6378acc53caa068b852ae15670d7a..b9eabdf36abff73d8cd5daab0a1ada2c4dffbca6 100644
--- a/ipatests/test_integration/test_certs_in_idoverrides.py
+++ b/ipatests/test_integration/test_certs_in_idoverrides.py
@@ -10,6 +10,88 @@ from ipatests.test_integration.base import IntegrationTest
 from ipatests.test_integration.tasks import assert_error
 
 
+class TestRulesWithServicePrincipals(IntegrationTest):
+"""
+https://fedorahosted.org/freeipa/ticket/6146
+"""
+
+topology = 'star'
+num_replicas = 0
+service_certprofile = 'caIPAserviceCert'
+caacl = 'test_caacl'
+keytab = "replica.keytab"
+csr = "my.csr"
+csr_conf = "replica.cnf"
+
+@classmethod
+def prepare_config(cls):
+template = """
+req_extensions = v3_req
+distinguished_name = req_distinguished_name
+
+[req_distinguished_name]
+commonName = %s
+
+[ v3_req ]
+
+# Extensions to add to a certificate request
+
+basicConstraints = CA:FALSE
+keyUsage = nonRepudiation, digitalSignature, keyEncipherment
+subjectAltName = @alt_names
+
+[alt_names]
+DNS.1 = %s
+DNS.2 = %s
+EOF
+"""
+
+contents = template % (cls.replica, cls.replica, cls.master.hostname)
+cls.master.run_command("cat < %s\n%s" % (cls.csr_conf, contents))
+
+@classmethod
+def install(cls, mh):
+super(TestRulesWithServicePrincipals, cls).install(mh)
+master = cls.master
+tasks.kinit_admin(master)
+cls.replica = "replica.%s" % master.domain.name
+master.run_command(['ipa', 'host-add', cls.replica, '--force'])
+cls.service_name = "svc/%s" % master.hostname
+cls.replica_service_name = "svc/%s" % cls.replica
+master.run_command("ipa service-add %s" % cls.service_name)
+master.run_command("ipa service-add %s --force" %
+   cls.replica_service_name)
+master.run_command("ipa service-add-host %s --hosts %s" % (
+cls.service_name, cls.replica))
+master.run_command("ipa caacl-add %s --desc \"test\"" % cls.caacl)
+master.run_command("ipa caacl-add-host %s --hosts %s" % (cls.caacl,
+ cls.replica))
+master.run_command("ipa caacl-add-service %s --services"
+   " svc/`hostname`" % cls.caacl)
+master.run_command("ipa-getkeytab -p host/%s@%s -k %s" % (
+cls.replica, master.domain.realm, cls.keytab))
+master.run_command("kinit -kt %s host/%s" % (cls.keytab, cls.replica))
+
+# Prepare a CSR
+
+cls.prepare_config()
+stdin_text = "qwerty\nqwerty\n%s\n" % cls.replica
+
+master.run_command(['openssl', 'req', '-config', cls.csr_conf, '-new',
+'-out', cls.csr], stdin_text=stdin_text)
+
+def test_rules_with_service_principals(self):
+result = self.master.run_command(['ipa', 'cert-request', self.csr,
+  '--principal', "svc/%s@%s" % (
+  self.replica,
+  self.master.domain.realm),
+  '--profile-id',
+  self.service_certprofile],
+ raiseonerr=False)
+assert(result.returncode == 0), (
+'Failed to add a cert to custom certprofile')
+
+
 class TestCertsInIDOverrides(IntegrationTest):
 topology = "line"
 service_certprofile = 'caIPAserviceCert'
-- 
1.8.3.1

-- 
Manage your subscription for the Freeipa-devel mailing list:
https://www.redhat.com/mailman/listinfo/freeipa-devel
Contribute to FreeIPA: http://www.freeipa.org/page/Contribute/Code