Skip to content
New issue

Have a question about this project? Sign up for a free GitHub account to open an issue and contact its maintainers and the community.

Sign up for GitHub

By clicking “Sign up for GitHub”, you agree to our terms of service and privacy statement. We’ll occasionally send you account related emails.

Already on GitHub? Sign in to your account

Jump to bottom

ipaserver,ipareplica: Add random_serial_numbers to options #852

Merged
merged 1 commit into from Jul 6, 2022
Merged

ipaserver,ipareplica: Add random_serial_numbers to options #852

merged 1 commit into from Jul 6, 2022

Conversation

t-woerner
Copy link
Member

With the support for Random Serial Numbers v3 in FreeIPA 4.10, the
attribute random_serial_numbers has been added to the installer options.

ca.install_check is using options.random_serial_numbers and setting
setting options._random_serial_numbers, which needs to be passed to
the setup_ca task.

Fixes: https://bugzilla.redhat.com/show_bug.cgi?id=2103928
https://bugzilla.redhat.com/show_bug.cgi?id=2103924

@varunmylaraiah varunmylaraiah self-requested a review July 5, 2022 14:53
rjeffman
rjeffman reviewed Jul 5, 2022
View reviewed changes
Copy link
Member

@rjeffman rjeffman left a comment

Choose a reason for hiding this comment

The reason will be displayed to describe this comment to others. Learn more.

This is only usable with FreeIPA 4.10+, and will never be back-ported to previous versions.

Is it possible to check the version that will be deployed? Will it fail if the flag is not supported?

varunmylaraiah
varunmylaraiah approved these changes Jul 6, 2022
View reviewed changes
Copy link
Collaborator

@varunmylaraiah varunmylaraiah left a comment

Choose a reason for hiding this comment

The reason will be displayed to describe this comment to others. Learn more.

With this patch, downstream tests are working fine.

@t-woerner
Copy link
Member Author

This is only the hot fix to get the roles working with 4.10.

@t-woerner
ipaserver,ipareplica: Add random_serial_numbers to options
7db5d59 
With the support for Random Serial Numbers v3 in FreeIPA 4.10, the
attribute random_serial_numbers has been added to the installer options.

options._random_serial_numbers is generated by ca.install_check and
later used by ca.install in the _setup_ca module.

ca.install_check is using options.random_serial_numbers and generating
options._random_serial_numbers which is later used by ca.install in
ca.install the _setup_ca module.

Fixes: https://bugzilla.redhat.com/show_bug.cgi?id=2103928
       https://bugzilla.redhat.com/show_bug.cgi?id=2103924
@t-woerner t-woerner closed this Jul 6, 2022
@t-woerner t-woerner reopened this Jul 6, 2022
@t-woerner
Copy link
Member Author

This is only usable with FreeIPA 4.10+, and will never be back-ported to previous versions.

Is it possible to check the version that will be deployed? Will it fail if the flag is not supported?

The variables in options are passed internally and they will not affect older IPA versions as options.random_serial_numbers and options._random_serial_numbers are simply not used.

rjeffman
rjeffman approved these changes Jul 6, 2022
View reviewed changes
Copy link
Member

@rjeffman rjeffman left a comment

Choose a reason for hiding this comment

The reason will be displayed to describe this comment to others. Learn more.

lgtm.

@rjeffman rjeffman merged commit 4332636 into freeipa:master Jul 6, 2022
Sign up for free to join this conversation on GitHub. Already have an account? Sign in to comment
Reviewers

@varunmylaraiah varunmylaraiah varunmylaraiah approved these changes

@rjeffman rjeffman rjeffman approved these changes

Assignees
No one assigned
Labels
None yet
Projects
None yet
Milestone
No milestone
Development

Successfully merging this pull request may close these issues.

None yet
3 participants
@t-woerner @varunmylaraiah @rjeffman