URL: https://github.com/SSSD/sssd/pull/5303 Author: pbrezina Title: #5303: tests: run TIER-0 multihost tests in PRCI Action: opened
PR body: """ I currently expect failure on rhel-7 box since there are problems with nss which prohibits me from creating a new vagrant box that is required for these tests. I had to revert "libdirsrv should be modified to be compatible with new DS" as it does not provision the directory server correctly, this needs to be fixed. """ To pull the PR as Git branch: git remote add ghsssd https://github.com/SSSD/sssd git fetch ghsssd pull/5303/head:pr5303 git checkout pr5303
From ba3281b9b4dc202919261112e1545954b6f61362 Mon Sep 17 00:00:00 2001 From: =?UTF-8?q?Pavel=20B=C5=99ezina?= <[email protected]> Date: Thu, 27 Aug 2020 13:55:14 +0200 Subject: [PATCH 1/5] conf: disable python2 bindings by default Python2 is being fully replaced by Python3 on modern distros so there is no need to build the bindings by default. We even don't ship python2 packages in Fedora for quite some time now. Keeping this on by default requires using --without-python2-bindings on modern distributions where python2 is not installed by default. --- src/conf_macros.m4 | 4 ++-- 1 file changed, 2 insertions(+), 2 deletions(-) diff --git a/src/conf_macros.m4 b/src/conf_macros.m4 index 2b3d402dcb..1256e1a780 100644 --- a/src/conf_macros.m4 +++ b/src/conf_macros.m4 @@ -377,10 +377,10 @@ AC_DEFUN([WITH_KRB5_CONF], AC_DEFUN([WITH_PYTHON2_BINDINGS], [ AC_ARG_WITH([python2-bindings], [AC_HELP_STRING([--with-python2-bindings], - [Whether to build python2 bindings [yes]]) + [Whether to build python2 bindings [no]]) ], [], - [with_python2_bindings=yes] + [with_python2_bindings=no] ) if test x"$with_python2_bindings" = xyes; then AC_SUBST([HAVE_PYTHON2_BINDINGS], [yes]) From aaa8f36fc1e98c2fccf0716203c0b5a81e187acf Mon Sep 17 00:00:00 2001 From: =?UTF-8?q?Pavel=20B=C5=99ezina?= <[email protected]> Date: Fri, 28 Aug 2020 13:09:22 +0200 Subject: [PATCH 2/5] multihost: move sssd.testlib closer to tests So it can be used directly without the need of installing the package. --- .gitignore | 6 ++++++ Makefile.am | 2 +- src/tests/{python => multihost}/MANIFEST.in | 0 src/tests/{python => multihost}/README.rst | 0 src/tests/multihost/{basic => }/conftest.py | 0 src/tests/{python => multihost}/docs/Install.rst | 0 src/tests/{python => multihost}/docs/Makefile | 0 src/tests/{python => multihost}/docs/MultihostPlugin.rst | 0 src/tests/{python => multihost}/docs/conf.py | 0 src/tests/{python => multihost}/docs/ds_389.rst | 0 src/tests/{python => multihost}/docs/examples.rst | 0 src/tests/{python => multihost}/docs/index.rst | 0 src/tests/{python => multihost}/docs/kcm.rst | 0 src/tests/{python => multihost}/docs/krb5.rst | 0 src/tests/{python => multihost}/docs/layout.rst | 0 src/tests/{python => multihost}/docs/running.rst | 0 src/tests/{python => multihost}/docs/sssd-testlib.rst | 0 src/tests/{python => multihost}/setup.py | 0 src/tests/{python => multihost}/sssd-testlib.spec | 0 src/tests/{python => multihost}/sssd/__init__.py | 0 src/tests/{python => multihost}/sssd/testlib/__init__.py | 0 .../{python => multihost}/sssd/testlib/common/__init__.py | 0 .../{python => multihost}/sssd/testlib/common/authconfig.py | 0 .../{python => multihost}/sssd/testlib/common/exceptions.py | 0 .../{python => multihost}/sssd/testlib/common/libdirsrv.py | 0 .../{python => multihost}/sssd/testlib/common/libkrb5.py | 0 .../{python => multihost}/sssd/testlib/common/qe_class.py | 0 .../{python => multihost}/sssd/testlib/common/utils.py | 0 src/tests/{python => multihost}/sssd/testlib/etc/pylintrc | 0 29 files changed, 7 insertions(+), 1 deletion(-) rename src/tests/{python => multihost}/MANIFEST.in (100%) rename src/tests/{python => multihost}/README.rst (100%) rename src/tests/multihost/{basic => }/conftest.py (100%) rename src/tests/{python => multihost}/docs/Install.rst (100%) rename src/tests/{python => multihost}/docs/Makefile (100%) rename src/tests/{python => multihost}/docs/MultihostPlugin.rst (100%) rename src/tests/{python => multihost}/docs/conf.py (100%) rename src/tests/{python => multihost}/docs/ds_389.rst (100%) rename src/tests/{python => multihost}/docs/examples.rst (100%) rename src/tests/{python => multihost}/docs/index.rst (100%) rename src/tests/{python => multihost}/docs/kcm.rst (100%) rename src/tests/{python => multihost}/docs/krb5.rst (100%) rename src/tests/{python => multihost}/docs/layout.rst (100%) rename src/tests/{python => multihost}/docs/running.rst (100%) rename src/tests/{python => multihost}/docs/sssd-testlib.rst (100%) rename src/tests/{python => multihost}/setup.py (100%) rename src/tests/{python => multihost}/sssd-testlib.spec (100%) rename src/tests/{python => multihost}/sssd/__init__.py (100%) rename src/tests/{python => multihost}/sssd/testlib/__init__.py (100%) rename src/tests/{python => multihost}/sssd/testlib/common/__init__.py (100%) rename src/tests/{python => multihost}/sssd/testlib/common/authconfig.py (100%) rename src/tests/{python => multihost}/sssd/testlib/common/exceptions.py (100%) rename src/tests/{python => multihost}/sssd/testlib/common/libdirsrv.py (100%) rename src/tests/{python => multihost}/sssd/testlib/common/libkrb5.py (100%) rename src/tests/{python => multihost}/sssd/testlib/common/qe_class.py (100%) rename src/tests/{python => multihost}/sssd/testlib/common/utils.py (100%) rename src/tests/{python => multihost}/sssd/testlib/etc/pylintrc (100%) diff --git a/.gitignore b/.gitignore index 82432e181b..0db85d90df 100644 --- a/.gitignore +++ b/.gitignore @@ -112,3 +112,9 @@ sss_ssh_knownhostsproxy sssd_ssh test-authtok /ci-build-* + +# multihost tests +!src/tests/multihost/sssd +!src/tests/multihost/docs/Makefile +!src/tests/multihost/setup.py +!src/tests/multihost/sssd-testlib.spec diff --git a/Makefile.am b/Makefile.am index 9aef6e8d5d..edf72b3803 100644 --- a/Makefile.am +++ b/Makefile.am @@ -5476,7 +5476,7 @@ dist_noinst_DATA += \ contrib/sssd.spec.in \ BUILD.txt \ COPYING \ - src/tests/multihost/basic/conftest.py \ + src/tests/multihost/conftest.py \ src/tests/multihost/basic/mhc.yaml \ src/tests/multihost/basic/README.md \ src/tests/multihost/basic/test_basic.py \ diff --git a/src/tests/python/MANIFEST.in b/src/tests/multihost/MANIFEST.in similarity index 100% rename from src/tests/python/MANIFEST.in rename to src/tests/multihost/MANIFEST.in diff --git a/src/tests/python/README.rst b/src/tests/multihost/README.rst similarity index 100% rename from src/tests/python/README.rst rename to src/tests/multihost/README.rst diff --git a/src/tests/multihost/basic/conftest.py b/src/tests/multihost/conftest.py similarity index 100% rename from src/tests/multihost/basic/conftest.py rename to src/tests/multihost/conftest.py diff --git a/src/tests/python/docs/Install.rst b/src/tests/multihost/docs/Install.rst similarity index 100% rename from src/tests/python/docs/Install.rst rename to src/tests/multihost/docs/Install.rst diff --git a/src/tests/python/docs/Makefile b/src/tests/multihost/docs/Makefile similarity index 100% rename from src/tests/python/docs/Makefile rename to src/tests/multihost/docs/Makefile diff --git a/src/tests/python/docs/MultihostPlugin.rst b/src/tests/multihost/docs/MultihostPlugin.rst similarity index 100% rename from src/tests/python/docs/MultihostPlugin.rst rename to src/tests/multihost/docs/MultihostPlugin.rst diff --git a/src/tests/python/docs/conf.py b/src/tests/multihost/docs/conf.py similarity index 100% rename from src/tests/python/docs/conf.py rename to src/tests/multihost/docs/conf.py diff --git a/src/tests/python/docs/ds_389.rst b/src/tests/multihost/docs/ds_389.rst similarity index 100% rename from src/tests/python/docs/ds_389.rst rename to src/tests/multihost/docs/ds_389.rst diff --git a/src/tests/python/docs/examples.rst b/src/tests/multihost/docs/examples.rst similarity index 100% rename from src/tests/python/docs/examples.rst rename to src/tests/multihost/docs/examples.rst diff --git a/src/tests/python/docs/index.rst b/src/tests/multihost/docs/index.rst similarity index 100% rename from src/tests/python/docs/index.rst rename to src/tests/multihost/docs/index.rst diff --git a/src/tests/python/docs/kcm.rst b/src/tests/multihost/docs/kcm.rst similarity index 100% rename from src/tests/python/docs/kcm.rst rename to src/tests/multihost/docs/kcm.rst diff --git a/src/tests/python/docs/krb5.rst b/src/tests/multihost/docs/krb5.rst similarity index 100% rename from src/tests/python/docs/krb5.rst rename to src/tests/multihost/docs/krb5.rst diff --git a/src/tests/python/docs/layout.rst b/src/tests/multihost/docs/layout.rst similarity index 100% rename from src/tests/python/docs/layout.rst rename to src/tests/multihost/docs/layout.rst diff --git a/src/tests/python/docs/running.rst b/src/tests/multihost/docs/running.rst similarity index 100% rename from src/tests/python/docs/running.rst rename to src/tests/multihost/docs/running.rst diff --git a/src/tests/python/docs/sssd-testlib.rst b/src/tests/multihost/docs/sssd-testlib.rst similarity index 100% rename from src/tests/python/docs/sssd-testlib.rst rename to src/tests/multihost/docs/sssd-testlib.rst diff --git a/src/tests/python/setup.py b/src/tests/multihost/setup.py similarity index 100% rename from src/tests/python/setup.py rename to src/tests/multihost/setup.py diff --git a/src/tests/python/sssd-testlib.spec b/src/tests/multihost/sssd-testlib.spec similarity index 100% rename from src/tests/python/sssd-testlib.spec rename to src/tests/multihost/sssd-testlib.spec diff --git a/src/tests/python/sssd/__init__.py b/src/tests/multihost/sssd/__init__.py similarity index 100% rename from src/tests/python/sssd/__init__.py rename to src/tests/multihost/sssd/__init__.py diff --git a/src/tests/python/sssd/testlib/__init__.py b/src/tests/multihost/sssd/testlib/__init__.py similarity index 100% rename from src/tests/python/sssd/testlib/__init__.py rename to src/tests/multihost/sssd/testlib/__init__.py diff --git a/src/tests/python/sssd/testlib/common/__init__.py b/src/tests/multihost/sssd/testlib/common/__init__.py similarity index 100% rename from src/tests/python/sssd/testlib/common/__init__.py rename to src/tests/multihost/sssd/testlib/common/__init__.py diff --git a/src/tests/python/sssd/testlib/common/authconfig.py b/src/tests/multihost/sssd/testlib/common/authconfig.py similarity index 100% rename from src/tests/python/sssd/testlib/common/authconfig.py rename to src/tests/multihost/sssd/testlib/common/authconfig.py diff --git a/src/tests/python/sssd/testlib/common/exceptions.py b/src/tests/multihost/sssd/testlib/common/exceptions.py similarity index 100% rename from src/tests/python/sssd/testlib/common/exceptions.py rename to src/tests/multihost/sssd/testlib/common/exceptions.py diff --git a/src/tests/python/sssd/testlib/common/libdirsrv.py b/src/tests/multihost/sssd/testlib/common/libdirsrv.py similarity index 100% rename from src/tests/python/sssd/testlib/common/libdirsrv.py rename to src/tests/multihost/sssd/testlib/common/libdirsrv.py diff --git a/src/tests/python/sssd/testlib/common/libkrb5.py b/src/tests/multihost/sssd/testlib/common/libkrb5.py similarity index 100% rename from src/tests/python/sssd/testlib/common/libkrb5.py rename to src/tests/multihost/sssd/testlib/common/libkrb5.py diff --git a/src/tests/python/sssd/testlib/common/qe_class.py b/src/tests/multihost/sssd/testlib/common/qe_class.py similarity index 100% rename from src/tests/python/sssd/testlib/common/qe_class.py rename to src/tests/multihost/sssd/testlib/common/qe_class.py diff --git a/src/tests/python/sssd/testlib/common/utils.py b/src/tests/multihost/sssd/testlib/common/utils.py similarity index 100% rename from src/tests/python/sssd/testlib/common/utils.py rename to src/tests/multihost/sssd/testlib/common/utils.py diff --git a/src/tests/python/sssd/testlib/etc/pylintrc b/src/tests/multihost/sssd/testlib/etc/pylintrc similarity index 100% rename from src/tests/python/sssd/testlib/etc/pylintrc rename to src/tests/multihost/sssd/testlib/etc/pylintrc From a21c51d0ac0c2eb9adbaa71a2e9e7a5de9926fb8 Mon Sep 17 00:00:00 2001 From: =?UTF-8?q?Pavel=20B=C5=99ezina?= <[email protected]> Date: Fri, 28 Aug 2020 13:10:01 +0200 Subject: [PATCH 3/5] multihost: remove packaging files The test library is not currently published in pypi nor Fedora and it is not being reused by other projects so it makes no sense for us to keep maintaining these files. --- src/tests/multihost/MANIFEST.in | 3 - src/tests/multihost/README.rst | 4 - src/tests/multihost/requirements.txt | 5 + src/tests/multihost/setup.py | 38 ------- src/tests/multihost/sssd-testlib.spec | 144 -------------------------- 5 files changed, 5 insertions(+), 189 deletions(-) delete mode 100644 src/tests/multihost/MANIFEST.in delete mode 100644 src/tests/multihost/README.rst create mode 100644 src/tests/multihost/requirements.txt delete mode 100644 src/tests/multihost/setup.py delete mode 100644 src/tests/multihost/sssd-testlib.spec diff --git a/src/tests/multihost/MANIFEST.in b/src/tests/multihost/MANIFEST.in deleted file mode 100644 index f880c36cdd..0000000000 --- a/src/tests/multihost/MANIFEST.in +++ /dev/null @@ -1,3 +0,0 @@ -include README.rst -recursive-include sssd/testlib/etc/ * -recursive-include docs * diff --git a/src/tests/multihost/README.rst b/src/tests/multihost/README.rst deleted file mode 100644 index 16da90f390..0000000000 --- a/src/tests/multihost/README.rst +++ /dev/null @@ -1,4 +0,0 @@ -sssd_qe_tests -============= - -`sssd.testlib` is a library containing shared functions to automate `System Services Security Daemon (SSSD)` using pytest framework. diff --git a/src/tests/multihost/requirements.txt b/src/tests/multihost/requirements.txt new file mode 100644 index 0000000000..84272a9eca --- /dev/null +++ b/src/tests/multihost/requirements.txt @@ -0,0 +1,5 @@ +paramiko +pytest +pytest_multihost +python-ldap +PyYAML diff --git a/src/tests/multihost/setup.py b/src/tests/multihost/setup.py deleted file mode 100644 index b0a2413da7..0000000000 --- a/src/tests/multihost/setup.py +++ /dev/null @@ -1,38 +0,0 @@ -#!/usr/bin/python -# -# Copyright (C) 2016 sssd-qe contributors. -# -from setuptools import setup - -REQUIRES = [ - 'paramiko', - 'PyYAML', - 'python-ldap', - 'pytest_multihost', - 'pytest'] - -with open('README.rst', 'r') as f: - README = f.read() - -setup_args = dict( - name='sssd.testlib', - version='0.1-11', - description='System Services Security Daemon python test suite', - long_description=README, - author=u'SSSD QE Team', - url='http://git.app.eng.bos.redhat.com/git/sssd-qe-tests.git/', - packages=[ - 'sssd', - 'sssd.testlib', - 'sssd.testlib.common', - ], - package_data={'': ['LICENSE']}, - install_requires=REQUIRES, - license='GNU GPL v3.0', - classifiers=( - 'Programming Language :: Python', - 'Programming Language :: Python :: 2.7', - ), -) -if __name__ == '__main__': - setup(**setup_args) diff --git a/src/tests/multihost/sssd-testlib.spec b/src/tests/multihost/sssd-testlib.spec deleted file mode 100644 index 6987d0ed81..0000000000 --- a/src/tests/multihost/sssd-testlib.spec +++ /dev/null @@ -1,144 +0,0 @@ -%if 0%{?rhel} && 0%{?rhel} >= 8 -%global with_python3 1 -%else -%{!?__python2: %global __python2 /usr/bin/python2} -%{!?python2_sitelib2: %global python2_sitelib %(%{__python2} -c "from distutils.sysconfig import get_python_lib; print (get_python_lib())")} -%endif -%if 0%{?fedora} >= 27 -%global with_python3 1 -%endif - -%define name sssd-testlib -%define owner sssd-qe -%define project sssd-testlib -%define version 0.1 -%define release 11 -%define srcname sssd-testlib - -Name: %{name} -Version: %{version} -Release: %{release}%{?dist} -Summary: System Services Security Daemon (SSSD) PyTest Framework -License: GPLv3+ -Source0: %{name}.tar.gz - -BuildArch: noarch -%if 0%{?with_python3} -BuildRequires: python3-devel -%else -%if 0%{?fedora} -BuildRequires: python2-devel -%else -BuildRequires: python-devel -%endif -%endif - -%if 0%{?fedora} -Requires: python3-paramiko -Requires: freeipa-python -Requires: python3-pytest-multihost >= 1.1 -Requires: python3-PyYAML -Requires: python3-pytest -Requires: python-dns -Requires: python-krbV -Requires: python-nss -%else -Requires: python-paramiko -Requires: python-pytest-multihost >= 1.1 -Requires: PyYAML -Requires: pytest -Requires: python-ldap -Requires: openldap-clients -Requires: python-dns -Requires: python-krbV -Requires: python-nss -%else -%if 0%{?rhel} -Requires: ipa-python -%endif -%endif - -%description -A python framework for System Services Security Daemon (SSSD) PyTest Framework. - -%prep -%setup -qn %{project} - -%if 0%{?with_python3} -echo %{py3dir} -rm -rf %{py3dir} -cp -a . %{py3dir} -%endif - -%build -%{__python2} setup.py build -%if 0%{?with_python3} -pushd %{py3dir} -%{__python3} setup.py build -popd -%endif - -%install -%{__python2} setup.py install -O1 --skip-build --root %{buildroot} -%if 0%{?with_python3} -%py_byte_compile %{__python2} %{buildroot}%{python_sitelib}/%{srcname} -%else -%{__python2} -m compileall %{buildroot}%{python_sitelib}/%{srcname} -%endif - -%if 0%{?with_python3} -pushd %{py3dir} -%{__python3} setup.py install --skip-build --root %{buildroot} -%py_byte_compile %{__python3} %{buildroot}%{python3_sitelib}/%{srcname} -popd -%endif - -mkdir -p %{buildroot}/etc/sssd_testlib -install -m 644 sssd/testlib/etc/* %{buildroot}/etc/sssd_testlib/ - -%files -%doc README.rst docs/* -%config /etc/sssd_testlib -%if 0%{?fedora} -%{python2_sitelib}/* -%endif -%if 0%{?with_python3} -%{python3_sitelib}/* -%else: -%{python2_sitelib}/* -%endif - -%changelog -* Fri Jul 7 2017 Niranjan MR <[email protected]> - 0.1-11 -- pylint fixes -* Sat Apr 19 2017 Niranjan MR <[email protected]> - 0.1-10 -- Add functions to create POSIX users/groups -- Add libkrb5 module to create kerberos server -- Use paramiko to test ssh logins for non-root users -- Update documentation -* Tue Mar 14 2017 Niranjan MR <[email protected]> - 0.1-9 -- Use adcli with realm to join system to Windows AD -* Mon Feb 20 2017 Niranjan MR <[email protected]> - 0.1-8 -- Fix indetation issues with qe_class.py -* Fri Feb 17 2017 Niranjan MR <[email protected]> - 0.1-7 -- pep8 fixes to sssd.testlib.common -- updated docs on setting up DS instances using multihost -* Wed Nov 30 2016 Niranjan MR <[email protected]> - 0.1-6 -- Add functions related to configuring Directory Server, -- Add functions related to adding, removing, modifying AD users, - and adding UNIX attributes to Windows AD Users -* Fri Oct 21 2016 Niranjan MR <[email protected]> - 0.1-5 -- Add functions to connect AD and move common fixtures - as sssdTools module in common -* Sat Sep 10 2016 Niranjan MR <[email protected]> - 0.1-4 -- Add Run time requirement to have pytest-multihost >= 1.1 -- Modify spec file to be built on fedora/rhel -- When using fedora 24 and above use python3 -* Wed Aug 24 2016 Niranjan MR <[email protected]> - 0.1-3 -- Add functions to start/stop/restart sssd based on RHEL versions -- Use systemctl instead of service command for systemd based versions -* Fri Jul 15 2016 Niranjan MR <[email protected]> - 0.1-2 -- Modified qe_class.py to make Windows AD details to be in separate domain -- Added ipa-python as a Runtime dependency -* Thu Jun 30 2016 Niranjan MR <[email protected]> - 0.1-1 -- initial version- From 370c566423e885ee278168dd91ed369a9824c6d3 Mon Sep 17 00:00:00 2001 From: =?UTF-8?q?Pavel=20B=C5=99ezina?= <[email protected]> Date: Tue, 25 Aug 2020 10:21:01 +0200 Subject: [PATCH 4/5] tests: run TIER-0 multihost tests in PRCI --- Makefile.am | 2 +- contrib/test-suite/test-suite.yml | 33 +++++++++ src/tests/multihost/README.md | 50 +++++++++++++ src/tests/multihost/basic/README.md | 107 ---------------------------- src/tests/multihost/basic/mhc.yaml | 16 ++--- 5 files changed, 92 insertions(+), 116 deletions(-) create mode 100644 src/tests/multihost/README.md delete mode 100644 src/tests/multihost/basic/README.md diff --git a/Makefile.am b/Makefile.am index edf72b3803..589129638e 100644 --- a/Makefile.am +++ b/Makefile.am @@ -5476,9 +5476,9 @@ dist_noinst_DATA += \ contrib/sssd.spec.in \ BUILD.txt \ COPYING \ + src/tests/multihost/README.md \ src/tests/multihost/conftest.py \ src/tests/multihost/basic/mhc.yaml \ - src/tests/multihost/basic/README.md \ src/tests/multihost/basic/test_basic.py \ src/tests/multihost/basic/test_config.py \ src/tests/multihost/basic/test_files.py \ diff --git a/contrib/test-suite/test-suite.yml b/contrib/test-suite/test-suite.yml index 49763fa4b6..6b78204d2e 100644 --- a/contrib/test-suite/test-suite.yml +++ b/contrib/test-suite/test-suite.yml @@ -10,3 +10,36 @@ - ci-build-debug/test-suite.log - ci-build-debug/ci-mock-result/*.log timeout: 6 hours + +- name: Multihost tests Tier 0 + machines: + - client + tasks: + - name: Execute tests + shell: | + set -o nounset -o pipefail -o errexit -o xtrace + + if [ ! -e /etc/redhat-release ]; then + echo "Unsupported platform." + exit 0 + fi + + echo "Building SSSD" + autoreconf -if &> multihost-build.log + ./configure &>> multihost-build.log + make rpms &>> multihost-build.log + + echo "Installing SSSD" + sudo yum install -y ./rpmbuild/RPMS/*/*.rpm &> multihost-install.log + + DIR=/shared/sssd/src/tests/multihost + + echo "Installing python requirements" + sudo pip3 install -r $DIR/requirements.txt &> multihost-pip.log + + echo "Running tests" + pytest-3 -s --multihost-config=$DIR/basic/mhc.yaml $DIR \ + &> multihost-pytest.log + timeout: 6 hours + artifacts: + - multihost-*.log diff --git a/src/tests/multihost/README.md b/src/tests/multihost/README.md new file mode 100644 index 0000000000..06028ae2b1 --- /dev/null +++ b/src/tests/multihost/README.md @@ -0,0 +1,50 @@ +# Instructions on executing tests + +Multihost tests uses the `python-multihost` framework to execute test commands +on remote machines. The tests themselves are run locally via pytest. + +## Install requirements + +``` +sudo pip3 install -r src/tests/multihost/requirements.txt +``` + +You can also install them in virtual environment using the virtualenv command +if you wish. + +## Prepare remote machines + +Existing tests currently requires only one remote machine where the SSSD version +that you want to test is installed. The machine must be Fedora or RHEL so it can +be correctly provisioned. The **tests will modify the machine** so use something +disposable. + +It is recommended to use [sssd-test-suite] project to create such machine. The +multihost tests can run out of the box using [sssd-test-suite] without any +further changes. + +[sssd-test-suite]: https://github.com/SSSD/sssd-test-suite + +## Prepare multihost configuration + +Edit `src/tests/multihost/basic/mhc.yaml`: + +```yaml +root_password: 'vagrant' # use remote machine root password +domains: +- name: master.client.vm + type: sssd + hosts: + - name: master.client.vm + external_hostname: master.client.vm + ip: 192.168.100.30 + role: master +``` + +Note: You can skip this step if you use machines from sssd-test-suite. + +## Run the tests + +``` +pytest-3 -s --multihost-config=src/tests/multihost/basic/mhc.yaml src/tests/multihost +``` diff --git a/src/tests/multihost/basic/README.md b/src/tests/multihost/basic/README.md deleted file mode 100644 index 95eb8aa564..0000000000 --- a/src/tests/multihost/basic/README.md +++ /dev/null @@ -1,107 +0,0 @@ -# Instructions on executing tests - -This Directory contains test written with pytest framework using pytest-multihost plugin. - - -## Requirements - -1. Controller Node/Jumphost from where pytest is invoked. pytest and pytest-multihost plugin needs -to be installed. - -2. Another Fedora/RHEL8 system(SUT/System under test) on which the actual commands specified in tests are run. - -## Steps: - -1. Setup required on Controller Node/Jumphost - -* On Fedora 30 , Install below packages using dnf: - - ```$ dnf install python3-pip nss-tools python3-virtualenv gcc git openldap-devel``` - -* Clone sssd using **git**:: - - ```$ git clone https://github.com/SSSD/sssd/``` - -* Create a Isolated Virtual Python Environment:: - - ```$ virtualenv /tmp/abc``` - -* Activate the Virtual environment:: - - ``` - $ source /tmp/abc/bin/activate - $ (abc) [root@master-7740 bin]# - ``` - -* Install the sssd-testlib on your virtualenv:: - - ``` - $ cd sssd/src/tests/python - $ python setup.py install - ``` -* Install **pytest, pytest-multihost, python-ldap, paramiko, PyYAML**:: - - ```$ pip install pytest pytest-multihost paramiko python-ldap PyYAML``` - -2. Setup required on Fedora/RHEL8 system (SUT). - -* Setup a FQDN Hostname for example **idm1.example.test**:: - - ``` - $ hostnamectl set-hostname idm1.example.test - ``` - -* Add the ipv4 ipaddress and the hostname to have local resolution in /etc/hosts - - ``` - $ cat /etc/hosts - 127.0.0.1 localhost localhost.localdomain localhost4 localhost4.localdomain4 - ::1 localhost localhost.localdomain localhost6 localhost6.localdomain6 - 192.168.122.7 idm1.example.test - ``` - -3. On the Controller Node/Jump Host verify **idm1.example.test** is resolvable by -adding the SUT ipaddress and hostname in **/etc/hosts** - - ``` - $ ping -c 5 idm1.example.test - PING idm1.example.test (192.168.122.7) 56(84) bytes of data. - 64 bytes from idm1.example.test (192.168.122.7): icmp_seq=1 ttl=64 time=0.258 ms - 64 bytes from idm1.example.test (192.168.122.7): icmp_seq=2 ttl=64 time=0.295 ms - 64 bytes from idm1.example.test (192.168.122.7): icmp_seq=3 ttl=64 time=0.230 ms - 64 bytes from idm1.example.test (192.168.122.7): icmp_seq=4 ttl=64 time=0.081 ms - 64 bytes from idm1.example.test (192.168.122.7): icmp_seq=5 ttl=64 time=0.120 ms - ``` - - -4. Pytest Multihost plugin requires a configuration file in yaml format. -This configuration file contains the hosts and the roles the hosts are -playing required for a test suite. - -* Below is the example multihost configuration for a single host. Since -all the tests in multihost/basic directory are single hosts tests that sets -up the ldap(389-ds), kerberos server and also configures client to authenticate against -the ldap and kerberos on the same system. - -In the below example file **mhc.yaml**, multihost plugin connects to host *idm1.example.com* -using ssh and password **redhat*\:: - -``` - root_password: 'redhat' - domains: - - name: example.test - type: sssd - hosts: - - name: idm1.example.test - external_hostname: idm1.example.test - ip: 192.168.122.7 - role: master -``` - -5. Execute pytest:: - - ```$ pytest -s -v --multihost-config=mhc.yaml sssd/src/tests/multihost/basic/``` - -* To execute only specific test case:: - - ```$ pytest -s -v --multihost-config=mhc.yaml sssd/src/tests/multihost/basic/test_kcm.py``` diff --git a/src/tests/multihost/basic/mhc.yaml b/src/tests/multihost/basic/mhc.yaml index de73011bd5..93cde90fd9 100644 --- a/src/tests/multihost/basic/mhc.yaml +++ b/src/tests/multihost/basic/mhc.yaml @@ -1,9 +1,9 @@ -windows_test_dir: '/home/Administrator' -root_password: 'redhat' +root_password: 'vagrant' domains: - - name: testrealm.test - type: sssd - hosts: - - name: hostname1 - external_hostname: hostname1 - role: master +- name: master.client.vm + type: sssd + hosts: + - name: master.client.vm + external_hostname: master.client.vm + ip: 192.168.100.30 + role: master From 4c743ba98393f8592a9cef8cb1a59e55b6ac262a Mon Sep 17 00:00:00 2001 From: =?UTF-8?q?Pavel=20B=C5=99ezina?= <[email protected]> Date: Wed, 2 Sep 2020 13:36:07 +0200 Subject: [PATCH 5/5] Revert "libdirsrv should be modified to be compatible with new DS" This reverts commit 2f4140fa663b74c5390e2c4f3647db0505ff5f85. --- src/tests/multihost/conftest.py | 4 +- .../sssd/testlib/common/libdirsrv.py | 144 ++++++------------ .../multihost/sssd/testlib/common/utils.py | 21 +-- 3 files changed, 58 insertions(+), 111 deletions(-) diff --git a/src/tests/multihost/conftest.py b/src/tests/multihost/conftest.py index 413d1d7b18..b30d25aa84 100644 --- a/src/tests/multihost/conftest.py +++ b/src/tests/multihost/conftest.py @@ -38,7 +38,7 @@ def package_install(session_multihost): distro = session_multihost.master[0].distro pkg_list = 'authselect nss-tools 389-ds-base krb5-server '\ 'openldap-clients krb5-workstation '\ - 'sssd sssd-dbus sssd-kcm ' \ + '389-ds-base-legacy-tools sssd sssd-dbus sssd-kcm ' \ 'expect ldb-tools sssd-tools' if 'Fedora' in distro: cmd = 'dnf install -y %s' % (pkg_list) @@ -281,7 +281,7 @@ def enable_files_domain(session_multihost): """ session_multihost.master[0].transport.get_file('/etc/sssd/sssd.conf', '/tmp/sssd.conf') - sssdconfig = ConfigParser.RawConfigParser(delimiters=('=')) + sssdconfig = ConfigParser.SafeConfigParser() sssdconfig.read('/tmp/sssd.conf') sssd_section = 'sssd' if sssd_section in sssdconfig.sections(): diff --git a/src/tests/multihost/sssd/testlib/common/libdirsrv.py b/src/tests/multihost/sssd/testlib/common/libdirsrv.py index f48ad40be1..43d73d7c18 100644 --- a/src/tests/multihost/sssd/testlib/common/libdirsrv.py +++ b/src/tests/multihost/sssd/testlib/common/libdirsrv.py @@ -14,10 +14,10 @@ from sssd.testlib.common.exceptions import LdapException from sssd.testlib.common.utils import LdapOperations -DS_USER = 'dirsrv' -DS_GROUP = 'dirsrv' +DS_USER = 'nobody' +DS_GROUP = 'nobody' DS_ADMIN = 'admin' -DS_ROOTDN = 'cn=Directory Manager' +DS_ROOTDN = 'CN=Directory Manager' class DirSrv(object): @@ -51,7 +51,7 @@ def __repr__(self): self.__dict__) def create_config(self): - """create inf file for dscreate to setup DS instances. + """create config file for setup-ds.pl to setup DS instances. Args: param1 (None): @@ -64,21 +64,17 @@ def create_config(self): """ config = ConfigParser.RawConfigParser() config.optionxform = str - config.add_section('general') - config.set('general', 'full_machine_name', self.dsinstance_host) - config.set('general', 'user', DS_USER) - config.set('general', 'group', DS_GROUP) + config.add_section('General') + config.set('General', 'FullMachineName', self.dsinstance_host) + config.set('General', 'SuiteSpotUserID', DS_USER) + config.set('General', 'SuiteSpotGroup', DS_GROUP) + config.set('General', 'ConfigDirectoryAdminID', DS_ADMIN) config.add_section('slapd') - config.set('slapd', 'instance_name', self.instance_name) - config.set('slapd', 'port', self.dsldap_port) - config.set('slapd', 'suffix', self.dsinstance_suffix) - config.set('slapd', 'root_dn', self.dsrootdn) - config.set('slapd', 'root_password', self.dsrootdn_pwd) - config.set('slapd', 'self_sign_cert', False) - config.add_section('backend-userRoot') - config.set('backend-userRoot', 'create_suffix_entry', 'True') - config.set('backend-userRoot', 'sample_entries', '001003006') - config.set('backend-userRoot', 'suffix', self.dsinstance_suffix) + config.set('slapd', 'ServerIdentifier', self.instance_name) + config.set('slapd', 'ServerPort', self.dsldap_port) + config.set('slapd', 'Suffix', self.dsinstance_suffix) + config.set('slapd', 'RootDN', self.dsrootdn) + config.set('slapd', 'RootDNPwd', self.dsrootdn_pwd) (ds_config, ds_config_file_path) = tempfile.mkstemp(suffix='cfg') os.close(ds_config) @@ -87,23 +83,23 @@ def create_config(self): return ds_config_file_path def setup_ds(self, ds_cfg_file): - """create DS instance by running dscreate + """create DS instance by running setup-ds.pl. Args: ds_config_file (str): ds_config_file: Configuration File path Returns: - bool: True if dscreate ran successfully else False + bool: True if setup-ds.pl ran successfully else False Exceptions: subprocess.CalledProcessError: """ self.multihost.transport.put_file(ds_cfg_file, '/tmp/test.cfg') - setup_cmd = 'dscreate -v from-file %s' % '/tmp/test.cfg' + setup_args = ['setup-ds.pl', '--silent', + '--file=/tmp/test.cfg', '--debug'] try: - self.multihost.run_command(setup_cmd) + self.multihost.run_command(setup_args) except subprocess.CalledProcessError: - self.multihost.log.info("Failed to setup Directory Server") raise else: os.remove(ds_cfg_file) @@ -123,18 +119,17 @@ def remove_ds(self, inst_name=None): """ if inst_name is None: inst_name = self.ds_inst_name - remove_cmd = 'dsctl %s remove --do-it' % (inst_name) + remove_args = ['remove-ds.pl', '-i', inst_name, '-d'] try: - self.multihost.run_command(remove_cmd) + self.multihost.run_command(remove_args) except subprocess.CalledProcessError: - self.multihost.log.info("Failed to remove %s instance" % inst_name) raise def _copy_pkcs12(self, ssl_dir): """ Copy the pkcs12 files from ssl_dir to DS instance directory """ - server_p12 = '%s-server.p12' % self.multihost.sys_hostname - nss_db_files = ['ca.p12', 'pin.txt', 'pwfile', server_p12] + + nss_db_files = ['ca.p12', 'server.p12', 'pin.txt', 'pwfile'] for db_file in nss_db_files: source = os.path.join(ssl_dir, db_file) destination = os.path.join(self.dsinst_path, db_file) @@ -163,18 +158,18 @@ def _set_dsperms(self, file_path): self.multihost.run_command(change_ownership) except subprocess.CalledProcessError: raise DirSrvException( - 'Failed to change ownership of pin.txt') + 'fail to user change ownership of pin.txt fail') try: self.multihost.run_command(change_group) except subprocess.CalledProcessError: raise DirSrvException( - 'Failed to change group ownership of pin.txt') + 'fail to change group ownership of pin.txt file') try: self.multihost.run_command(chmod_file) except subprocess.CalledProcessError: - raise DirSrvException('Failed to change permissions of pin.txt') + raise DirSrvException('fail to change permissions of pin.txt file') - def setup_certs(self, ssl_dir, client_host=None, canick=None): + def setup_certs(self, ssl_dir): """copy CA and Server certs to all DS instances. Args: @@ -194,7 +189,7 @@ def setup_certs(self, ssl_dir, client_host=None, canick=None): try: self.multihost.run_command(stop_ds) except subprocess.CalledProcessError: - raise DirSrvException("Failed to stop Directory Server instance") + raise DirSrvException("Unable to stop Directory Server instance") else: self.multihost.log.info('DS instance stopped successfully') self._copy_pkcs12(ssl_dir) @@ -202,31 +197,23 @@ def setup_certs(self, ssl_dir, client_host=None, canick=None): target_pin_file = os.path.join(self.dsinst_path, 'pin.txt') pwfile = os.path.join(self.dsinst_path, 'pwfile') ca_p12 = os.path.join(self.dsinst_path, 'ca.p12') - server_p12_name = '%s-%s' % (self.multihost.sys_hostname, 'server.p12') - server_p12 = os.path.join(self.dsinst_path, server_p12_name) - # create directory to copy ca cert - certutil_cmd = 'certutil -T -d %s -f %s' % (self.dsinst_path, pwfile) + server_p12 = os.path.join(self.dsinst_path, 'server.p12') + # recreate the database + certutil_cmd = 'certutil -N -d %s -f %s' % (self.dsinst_path, pwfile) self.multihost.run_command(certutil_cmd) create_cert_dir = 'mkdir -p /etc/openldap/cacerts' # recreate the database self.multihost.run_command(create_cert_dir) - if not canick: - canick = "ExampleCA" pkcs12_file = [ca_p12, server_p12] for pkcs_file in pkcs12_file: if not self._import_certs(pkcs_file, pwfile): raise DirSrvException("importing certificates failed") - set_trust_cmd = 'certutil -M -d %s -n %s ' \ - '-t "CT,C,T" -f %s' % (self.dsinst_path, - canick, pwfile) + set_trust_cmd = 'certutil -M -d %s -n "ExampleCA"'\ + ' -t "CTu,u,u" -f %s' % (self.dsinst_path, pwfile) self.multihost.run_command(create_cert_dir) self.multihost.run_command(set_trust_cmd) self.multihost.transport.put_file(os.path.join( ssl_dir, 'cacert.pem'), cacert_file_path) - if client_host: - client_host.run_command(create_cert_dir) - client_host.transport.put_file( - os.path.join(ssl_dir, 'cacert.pem'), cacert_file_path) try: self._set_dsperms(target_pin_file) except DirSrvException: @@ -235,7 +222,7 @@ def setup_certs(self, ssl_dir, client_host=None, canick=None): try: self.multihost.run_command(start_ds) except subprocess.CalledProcessError: - raise DirSrvException('Failed to start DS Instance') + raise DirSrvException('Could not Start DS Instance') else: self.multihost.log.info('DS instance started successfully') @@ -259,7 +246,7 @@ def enable_ssl(self, binduri, tls_port): add_tls = [(ldap.MOD_ADD, 'nsTLS1', [b'on'])] (ret, return_value) = ldap_obj.modify_ldap(mod_dn1, add_tls) if not return_value: - raise LdapException('Failed to enable TLS, Error:%s' % (ret)) + raise LdapException('fail to enable TLS, Error:%s' % (ret)) else: print('Enabled nsTLS1=on') mod_dn2 = 'cn=RSA,cn=encryption,cn=config' @@ -268,7 +255,7 @@ def enable_ssl(self, binduri, tls_port): ((self.dsinstance_host.encode()))])] (ret, return_value) = ldap_obj.modify_ldap(mod_dn2, mod_security) if not return_value: - raise LdapException('Failed to set Server-Cert nick:%s' % (ret)) + raise LdapException('fail to set Server-Cert nick:%s' % (ret)) else: print('Enabled Server-Cert nick') @@ -278,7 +265,7 @@ def enable_ssl(self, binduri, tls_port): (ret, return_value) = ldap_obj.modify_ldap(mod_dn3, enable_security) if not return_value: raise LdapException( - 'Failed to enable nsslapd-security, Error:%s' % (ret)) + 'fail to enable nsslapd-security, Error:%s' % (ret)) else: print('Enabled nsslapd-security') @@ -289,35 +276,10 @@ def enable_ssl(self, binduri, tls_port): (ret, return_value) = ldap_obj.modify_ldap(mod_dn4, enable_ssl_port) if not return_value: raise LdapException( - 'Failed to set nsslapd-securePort, Error:%s' % (ret)) + 'fail to set nsslapd-securePort, Error:%s' % (ret)) else: print('Enabled nsslapd-securePort=%r' % tls_port) - def enable_anonymous_search(self, binduri): - """Enable anonymous search access to basedn - Args: - binduri (str): LDAP uri to bind with - Returns: - boold: True if ACI is added - Exceptions: - LdapException - """ - ldap_obj = LdapOperations( - uri=binduri, binddn=self.dsrootdn, bindpw=self.dsrootdn_pwd) - # Enable Anonymous access aci - allow_anonymous = "(targetattr!=\"userPassword || aci\")" \ - "(version 3.0; acl \"Enable anonymous " \ - "access\"; allow " \ - "(read, search, compare) userdn=\"ldap:///anyone\";;)" - add_aci = [(ldap.MOD_ADD, 'aci', [allow_anonymous.encode('utf-8')])] - (ret, return_value) = ldap_obj.modify_ldap( - self.dsinstance_suffix, add_aci) - if not return_value: - raise LdapException("Failed to enable anonymous access aci") - else: - print("Enabled Anonymous access " - "aci to %s" % self.dsinstance_suffix) - class DirSrvWrap(object): """This is a wrapper class for DirSrv. @@ -327,8 +289,7 @@ class DirSrvWrap(object): LDAP and TLS ports, specifies default suffix. """ # pylint: disable=too-many-instance-attributes - def __init__(self, multihost_obj, - client_obj=None, ssl=None, ssldb=None, canick=None): + def __init__(self, multihost_obj, ssl=None, ssldb=None): """ Create a DirSrv object for a specific Host. Specify the ports, instance details to the Dirsrv object @@ -344,7 +305,6 @@ def __init__(self, multihost_obj, self.ds_instance_name = None self.multihost = multihost_obj self.ds_instance_host = self.multihost.sys_hostname - self.client_host = client_obj self.ds_instance_suffix = None self.ds_rootdn_pwd = None self.ds_ldap_port = None @@ -352,7 +312,6 @@ def __init__(self, multihost_obj, self.ssl = ssl if self.ssl: self.ssl_dir = ssldb - self.canick = canick def __iter__(self): """ iter values of each instance """ @@ -508,7 +467,7 @@ def create_ds_instance(self, root_dn_pwd=None, ldap_port=None, tls_port=None): - """Create Directory server instance. + """create Directory server instance. Args: inst_name (str): Instance Name @@ -541,25 +500,18 @@ def create_ds_instance(self, try: self.dirsrv_obj.setup_ds(cfg_file) except subprocess.CalledProcessError: - raise DirSrvException('Failed to setup Directory server') + raise DirSrvException('fail to DS config file to setup') self.dirsrv_info[self.ds_instance_name] = self.dirsrv_obj.__dict__ - ldap_uri = 'ldap://%s:%r' % (self.ds_instance_host, - self.ds_ldap_port) - try: - self.dirsrv_obj.enable_anonymous_search(ldap_uri) - except LdapException: - raise DirSrvException("Failed to enable anonymous search") if self.ssl: try: - self.dirsrv_obj.setup_certs(self.ssl_dir, - self.client_host, self.canick) + self.dirsrv_obj.setup_certs(self.ssl_dir) except DirSrvException as err: return err.msg, err.rval else: (result, return_code) = self.enablessl() return result, return_code else: - raise DirSrvException('Failed to setup Directory Server instance') + raise DirSrvException('fail to setup Directory Server instance') def enablessl(self): """Enable SSL/TLS on instance. @@ -587,7 +539,7 @@ def enablessl(self): try: self.multihost.run_command(add_tls_port) except subprocess.CalledProcessError: - return "Failed to set tls_port as ldap_port_t", 1 + return "Unable to set tls_port as ldap_port_t", 1 else: self.multihost.log.info('Added %s port to ldap_port_t' % self.ds_tls_port) @@ -629,12 +581,12 @@ def remove_ds_instance(self, instance_name): """ ret = self.dirsrv_info[instance_name] if ret['instance_name'] == instance_name: - inst_name = ret['ds_inst_name'] + ds_inst_name = ret['ds_inst_name'] try: - self.dirsrv_obj.remove_ds(inst_name) + self.dirsrv_obj.remove_ds(ds_inst_name) except subprocess.CalledProcessError: - raise DirSrvException('Failed to ' - 'remove %s instance', inst_name) + raise DirSrvException('Could not remove DS Instance', + ds_inst_name) else: del self.ds_used_ports[instance_name] return True diff --git a/src/tests/multihost/sssd/testlib/common/utils.py b/src/tests/multihost/sssd/testlib/common/utils.py index 4dabb787c6..b15d230583 100644 --- a/src/tests/multihost/sssd/testlib/common/utils.py +++ b/src/tests/multihost/sssd/testlib/common/utils.py @@ -692,7 +692,7 @@ def __init__(self, nssdir=None, nssdir_pwd=None): else: self.nssdb = nssdir if nssdir_pwd is None: - self.nssdb_pwd = 'Secret12@38/-\245550' + self.nssdb_pwd = 'Secret123' else: self.nssdb_pwd = nssdir_pwd self.pwdfilename = 'pwfile' @@ -764,7 +764,7 @@ def execute(self, def createselfsignedcerts(self, serverlist, ca_dn=None, - passphrase='Secret12@38/-\245550', + passphrase='Secret123', canickname='ExampleCA'): """ Creates a NSS DB in /tmp/nssDirxxxx where self signed Root CA @@ -782,17 +782,13 @@ def createselfsignedcerts(self, ca_pempath = os.path.join(nss_dir, 'cacert.pem') server_pempath = os.path.join(nss_dir, 'server.pem') ca_p12_path = os.path.join(nss_dir, 'ca.p12') - # server_p12_path = os.path.join(nss_dir, 'server.p12') + server_p12_path = os.path.join(nss_dir, 'server.p12') with open(self.noisefilepath, 'w') as outfile: outfile.write(str(self.noise)) - keyUsage = 'digitalSignature,certSigning,crlSigning,critical' ca_args = 'certutil -d %s -f %s -S -n "%s" -s %s' \ - ' -t "CT,," -x --keyUsage %s -z %s' % (nss_dir, - self.pwdfilepath, - canickname, - ca_dn, - keyUsage, - self.noisefilepath) + ' -t "CT,," -x -z %s' % (nss_dir, self.pwdfilepath, + canickname, ca_dn, + self.noisefilepath) ca_pem = 'certutil -d %s -f %s -L -n "%s"' \ ' -a -o %s' % (nss_dir, self.pwdfilepath, @@ -833,10 +829,9 @@ def createselfsignedcerts(self, ' -k %s -w %s' % (nss_dir, ca_p12_path, canickname, self.pwdfilepath, self.pwdfilepath) - server_pkcs12_file = '%s-%s' % (server, 'server.p12') - server_p12 = os.path.join(nss_dir, server_pkcs12_file) + _, _, return_code = self.execute(shlex.split(export_ca_p12)) export_svr_p12 = 'pk12util -d %s -o %s -n %s'\ - ' -k %s -w %s' % (nss_dir, server_p12, + ' -k %s -w %s' % (nss_dir, server_p12_path, server_nickname, self.pwdfilepath, self.pwdfilepath)
_______________________________________________ sssd-devel mailing list -- [email protected] To unsubscribe send an email to [email protected] Fedora Code of Conduct: https://docs.fedoraproject.org/en-US/project/code-of-conduct/ List Guidelines: https://fedoraproject.org/wiki/Mailing_list_guidelines List Archives: https://lists.fedorahosted.org/archives/list/[email protected]
