New issue
Have a question about this project? Sign up for a free GitHub account to open an issue and contact its maintainers and the community.
By clicking “Sign up for GitHub”, you agree to our terms of service and privacy statement. We’ll occasionally send you account related emails.
Already on GitHub? Sign in to your account
ipatests: Tests for ipahealthcheck tool with IPA external CA #4883
Conversation
There was a problem hiding this comment.
Choose a reason for hiding this comment
The reason will be displayed to describe this comment to others. Learn more.
Hello @menonsudhir
Please find inline comments.
64f3cc6
to
bdba45a
Compare
/AzurePipelines run |
Azure Pipelines successfully started running 1 pipeline(s). |
/AzurePipelines run |
Azure Pipelines successfully started running 1 pipeline(s). |
a39dd70
to
fad18dd
Compare
There was a problem hiding this comment.
Choose a reason for hiding this comment
The reason will be displayed to describe this comment to others. Learn more.
Hi @menonsudhir
the test was added to the nightly definitions in the temp commit, please move the diff to another commit that won't be removed.
I also noticed one comment from Rob that wasn't addressed:
I think this test should install a replica as well to ensure that the crlmanagercheck returns crlgen_enabled False.
b03cbd6
to
e1df335
Compare
|
e1df335
to
cf9ae8a
Compare
@menonsudhir
|
cf9ae8a
to
50de2cd
Compare
/azp run |
Azure Pipelines successfully started running 1 pipeline(s). |
This looks ok to me with one minor thing. I think the timeout for the nightly tests will need to be bumped up to accommodate the new test class, maybe try 7200. IMHO this can be done at the same time that the temp commit is dropped to avoid another run cycle. @flo-renaud do you agree? |
This testsuite checks whether the healthcheck tool reports correct status in a scenario when IPA server is setup with external self-signed CA. Below are the checks covered IPACRLManagerCheck IPACertmongerCA IPAOpenSSLChainValidation IPANSSChainValidation IPARAAgent
ExternalCA Tests
50de2cd
to
e92505c
Compare
Yes, the new test takes ~30min and test-Ipahealthcheck used to need 1h, so 7200 should be OK. |
/azp run |
Azure Pipelines successfully started running 1 pipeline(s). |
/azp run |
Azure Pipelines successfully started running 1 pipeline(s). |
Tests are green, all comments were addressed, ACK. |
@menonsudhir |
@flo-renaud have raised a manual backport. |
This testsuite checks whether the healthcheck tool reports correct status in a scenario when IPA server is setup with
external self-signed CA. Below are the checks covered.
IPACRLManagerCheck
IPACertmongerCA
IPAOpenSSLChainValidation
IPANSSChainValidation
IPARAAgent