IPA Testing

From Dogtag
Jump to: navigation, search

Overview

This page describes the testing procedure to verify PKI and PKI interoperability.

Prerequisites

$ dnf install freeipa-tests

Install IPA Server

$ FORWARDER=`grep nameserver /etc/resolv.conf | head -1 | awk '{print $2;}'`
$ DOMAIN=`dnsdomainname`
$ REALM=${DOMAIN^^}
$ ipa-server-install\
  -d\
  -U\
  -r $REALM\
  -p Secret.123\
  -a Secret.123\
  --no-pkinit\
  --setup-dns\
  --forwarder $FORWARDER\
  --no-ntp

Running IPA Tests

python-nose package is needed by the tests. Copy the file /etc/ipa/default.conf to ~/.ipa/default.conf.

$ mkdir -p ~/.ipa/
$ cp /etc/ipa/default.conf ~/.ipa/default.conf

For certificate tests to pass, copy the 3 NSS db files in /etc/httpd/alias to ~/.ipa/alias and copy /etc/httpd/alias/pwdfile.txt to ~/.ipa/alias/.pwd .

$ mkdir -p ~/.ipa/alias
$ cp /etc/httpd/alias/*.db ~/.ipa/alias
$ cp /etc/httpd/alias/pwdfile.txt ~/.ipa/alias/.pwd

Set the appropriate permissions for these files, if the tests are run by a non-root users.

Get a kerberos ticket for admin.

$ kinit admin

Run the Dogtag tests.

$ ipa-run-tests test_xmlrpc/test_cert_plugin.py

where the path of the test is a relative from <python_site_packages>/ipatests

Running IPA Tests in Vagrant

$ dnf install vagrant vagrant-libvirt
$ git clone https://github.com/bastiak/ipa-devel-tools
$ cd ipa-devel-tools
$ python3 setup.py install
$ ipa-vagrant-ci-topology-create test_ipa --replicas 2 --add-copr='@freeipa/freeipa-4-3-rc' \
  --add-packages={freeipa-server,freeipa-server-dns,python2-ipatests}
$ cd test_ipa
$ vagrant up
$ vagrant ssh
$ IPATEST_YAML_CONFIG=/vagrant/ipa-test-config.yaml ipa-run-tests test_integration/test_replica_promotion.py \
  --verbose --logging-level=debug --pdb

Running IPA Tests in Container

See IPA Testing in Container.

References