import CS dogtag-pki-11.9.0-2.el10

.gitignore

@@ -1,3 +1,16 @@
-/pki-*.tar.gz
-/pki-*/
-/*.jar
+jackson-annotations-2.16.1.jar
+jackson-core-2.16.1.jar
+jackson-databind-2.16.1.jar
+jackson-jaxrs-base-2.16.1.jar
+jackson-jaxrs-json-provider-2.16.1.jar
+jackson-module-jaxb-annotations-2.16.1.jar
+jakarta.activation-api-2.1.2.jar
+jakarta.annotation-api-1.3.5.jar
+jakarta.xml.bind-api-4.0.1.jar
+jboss-jaxrs-2.0-api-1.0.0.Final.jar
+jboss-logging-3.5.3.Final.jar
+pki-11.9.0.tar.gz
+resteasy-client-3.0.26.Final.jar
+resteasy-jackson2-provider-3.0.26.Final.jar
+resteasy-jaxrs-3.0.26.Final.jar
+resteasy-servlet-initializer-3.0.26.Final.jar

FixBuild.patch

@@ -1,74 +0,0 @@
-From 19540347037ee6f16db00f1b401d64fa695dadf1 Mon Sep 17 00:00:00 2001
-From: Marco Fargetta <mfargett@redhat.com>
-Date: Wed, 21 Jan 2026 10:41:43 +0100
-Subject: [PATCH 1/2] Fix python pylint error in EST upgrade script
-
----
- base/server/upgrade/11.9.0/01-EnableEST.py | 2 +-
- 1 file changed, 1 insertion(+), 1 deletion(-)
-
-diff --git a/base/server/upgrade/11.9.0/01-EnableEST.py b/base/server/upgrade/11.9.0/01-EnableEST.py
-index d877485fb6..e886aca39d 100644
---- a/base/server/upgrade/11.9.0/01-EnableEST.py
-+++ b/base/server/upgrade/11.9.0/01-EnableEST.py
-@@ -202,7 +202,7 @@ class EnableEST(pki.server.upgrade.PKIServerUpgradeScriptlet):
-             logger.info('Group %s already exist', group_id)
-             return
-         except subprocess.CalledProcessError:
--            logger.info("Group %s has to be created.")
-+            logger.info("Group '%s' will be created.", group_id)
- 
-         subsystem.add_group(
-             group_id,
--- 
-2.52.0
-
-
-From a7f4fd64c9a25f742c6d5320bb20404b10bd73d5 Mon Sep 17 00:00:00 2001
-From: Marco Fargetta <mfargett@redhat.com>
-Date: Thu, 22 Jan 2026 15:52:27 +0100
-Subject: [PATCH 2/2] Fix CMake build with tomcat10
-
-CMake build had tomcat-9 library hard-coded and has been removed to get
-it from the `build.sh`.
-
-The `build.sh` test to identify the tomcat version to use was not
-working with dotted version (e.g. 10.2) and it has been fixed.
----
- base/server/CMakeLists.txt | 2 +-
- build.sh                   | 6 +-----
- 2 files changed, 2 insertions(+), 6 deletions(-)
-
-diff --git a/base/server/CMakeLists.txt b/base/server/CMakeLists.txt
-index f62b2bfa05..9fb6c7a98a 100644
---- a/base/server/CMakeLists.txt
-+++ b/base/server/CMakeLists.txt
-@@ -29,7 +29,7 @@ javac(pki-server-classes
-     OUTPUT_DIR
-         ${CMAKE_CURRENT_BINARY_DIR}/classes
-     DEPENDS
--        pki-common-jar pki-tools-jar pki-tomcat-jar pki-tomcat-9.0-jar
-+        pki-common-jar pki-tools-jar pki-tomcat-jar pki-${APP_SERVER}-jar
- )
- 
- add_dependencies(java pki-server-classes)
-diff --git a/build.sh b/build.sh
-index 62876a45c9..ed858a6beb 100755
---- a/build.sh
-+++ b/build.sh
-@@ -204,11 +204,7 @@ get_tomcat_app_server() {
-              app_server=$def_app_server
-          fi
-      else
--         if [ $ver -ge $rhel_cutoff ]; then
--             app_server=$app_server_10
--         else
--             app_server=$def_app_server 
--         fi
-+         echo "$rhel_cutoff $ver" | tr " " "\n" | sort -V -C && app_server=$app_server_10 || app_server=$def_app_server
-      fi
- 
-      echo $app_server
--- 
-2.52.0
-

copr-build.sh

@@ -1,9 +0,0 @@
-#!/bin/sh
-
-REPO=$1
-
-if [ "$REPO" == "" ]; then
-    REPO="pki-10.6"
-fi
-
-fedpkg copr-build --nowait $REPO

dogtag-pki.rpmlintrc

@@ -1,4 +0,0 @@
-addFilter('W: spelling-error')
-addFilter('W: dangling-symlink')
-addFilter('W: no-manual-page-for-binary')
-addFilter('W: log-files-without-logrotate')

dogtag-pki.spec

@@ -14,7 +14,7 @@ Name:             dogtag-pki
 # Downstream release number:
 # - development/stabilization (unsupported): 0.<n> where n >= 1
 # - GA/update (supported): <n> where n >= 1
-%global           release_number 3
+%global           release_number 2
 
 # Development phase:
 # - development (unsupported): alpha<n> where n >= 1
@@ -215,11 +215,11 @@ BuildRequires:    javapackages-tools
 %if %{without runtime_deps}
 BuildRequires:    xmlstarlet
 %endif
-%if 0%{?fedora} >= 44 || 0%{?rhel} >= 11
+%if 0%{?fedora} >= 44 || 0%{?rhel} >= 10
 BuildRequires:     tomcat-lib >= 1:10.1.36
 BuildRequires:     tomcat-jakartaee-migration
 %else
-BuildRequires:     tomcat9-lib >= 9.0.62
+BuildRequires:     tomcat-lib >= 9.0
 %endif
 
 BuildRequires:    mvn(commons-cli:commons-cli)
@@ -256,7 +256,7 @@ BuildRequires:    mvn(org.jboss.resteasy:resteasy-jackson2-provider)
 BuildRequires:    mvn(org.jboss.resteasy:resteasy-servlet-initializer)
 %endif
 
-%if 0%{?fedora} && 0%{?fedora} >= 44 || 0%{?rhel} && 0%{?rhel} >= 11
+%if 0%{?fedora} && 0%{?fedora} >= 44 || 0%{?rhel} && 0%{?rhel} >= 10
 
 BuildRequires:    mvn(org.apache.tomcat:tomcat-catalina) >= 10.1.36
 BuildRequires:    mvn(org.apache.tomcat:tomcat-servlet-api) >= 10.1.36
@@ -266,13 +266,9 @@ BuildRequires:    mvn(org.apache.tomcat:tomcat-util-scan) >= 10.0.36
 %else
 
 BuildRequires:    mvn(org.apache.tomcat:tomcat-catalina) >= 9.0.62
-BuildRequires:    mvn(org.apache.tomcat:tomcat-catalina) < 10
 BuildRequires:    mvn(org.apache.tomcat:tomcat-servlet-api) >= 9.0.62
-BuildRequires:    mvn(org.apache.tomcat:tomcat-servlet-api) < 10
 BuildRequires:    mvn(org.apache.tomcat:tomcat-jaspic-api) >= 9.0.62
-BuildRequires:    mvn(org.apache.tomcat:tomcat-jaspic-api) < 10
 BuildRequires:    mvn(org.apache.tomcat:tomcat-util-scan) >= 9.0.62
-BuildRequires:    mvn(org.apache.tomcat:tomcat-util-scan) < 10
 
 %endif
 
@@ -496,13 +492,13 @@ to manage enterprise Public Key Infrastructure deployments.
 
 %{product_name} consists of the following components:
 
-* Certificate Authority (CA)
-* Key Recovery Authority (KRA)
-* Online Certificate Status Protocol (OCSP) Manager
-* Token Key Service (TKS)
-* Token Processing Service (TPS)
-* Automatic Certificate Management Environment (ACME) Responder
-* Enrollment over Secure Transport (EST) Responder
+  * Certificate Authority (CA)
+  * Key Recovery Authority (KRA)
+  * Online Certificate Status Protocol (OCSP) Manager
+  * Token Key Service (TKS)
+  * Token Processing Service (TPS)
+  * Automatic Certificate Management Environment (ACME) Responder
+  * Enrollment over Secure Transport (EST) Responder
 
 # with meta
 %endif
@@ -692,10 +688,10 @@ Requires:         mvn(org.jboss.resteasy:resteasy-servlet-initializer)
 Provides:         bundled(resteasy-servlet-initializer) = 3.0.26
 %endif
 
-%if 0%{?rhel} && 0%{?rhel} >= 11
+%if 0%{?rhel} && 0%{?rhel} >= 10
 Requires:         tomcat >= 1:10.1.36
 %else
-Requires:         tomcat9 >= 1:9.0.62
+Requires:         tomcat >= 1:9.0.62
 %endif
 Requires:         mvn(org.dogtagpki.jss:jss-tomcat) >= 5.9.0
 
@@ -1109,7 +1105,7 @@ popd
 
 %endif
 
-%if 0%{?fedora} && 0%{?fedora} >= 44 || 0%{?rhel} && 0%{?rhel} >= 11
+%if 0%{?fedora} && 0%{?fedora} >= 44 || 0%{?rhel} && 0%{?rhel} >= 10
 #migrate the source first because we are starting with tomcat 9 code, so we can build against either tomcat 9 or 10.1, based on the build platform
 /usr/bin/javax2jakarta -profile=EE -exclude=./base/tomcat-9.0 ./base ./base 
 %endif
@@ -1190,7 +1186,7 @@ then
     
     #migrate necessary files being copied around to jakarta 9.0 ee, for >= f43 and rhel10
 
-    %if 0%{?fedora} && 0%{?fedora} >= 44 || 0%{?rhel} && 0%{?rhel} >= 11
+    %if 0%{?fedora} && 0%{?fedora} >= 44 || 0%{?rhel} && 0%{?rhel} >= 10
     echo "Doing the tomcat 10 version..."
 
     /usr/bin/javax2jakarta  -profile=EE  jboss-jaxrs-api_2.0_spec-$JAXRS_VERSION.jar  jboss-jaxrs-api_2.0_spec-$JAXRS_VERSION.jar 
@@ -1239,7 +1235,8 @@ then
     cp /usr/share/java/resteasy/resteasy-servlet-initializer.jar \
         resteasy-servlet-initializer-$RESTEASY_VERSION.jar
 
-    %if 0%{?fedora} && 0%{?fedora} >= 44 || 0%{?rhel} && 0%{?rhel} >= 11
+yy    %if 0%{?fedora} && 0%{?fedora} >= 44 || 0%{?rhel} && 0%{?rhel} >= 10
+    %if 0%{?fedora} >= 44 || 0%{?rhel} >= 10
     /usr/bin/javax2jakarta  -profile=EE resteasy-servlet-initializer-$RESTEASY_VERSION.jar resteasy-servlet-initializer-$RESTEASY_VERSION.jar
     %endif
 
@@ -1256,7 +1253,7 @@ fi
 
 %if ! %{with server}
 %pom_disable_module tomcat base
-%if 0%{?fedora} >= 44 || 0%{?rhel} >= 11
+%if 0%{?fedora} >= 44 || 0%{?rhel} >= 10
 %pom_disable_module tomcat-10.1 base
 %else
 %pom_disable_module tomcat-9.0 base
@@ -1309,7 +1306,7 @@ fi
 %mvn_file org.dogtagpki.pki:pki-server            pki/pki-server
 %mvn_file org.dogtagpki.pki:pki-server-webapp     pki/pki-server-webapp
 %mvn_file org.dogtagpki.pki:pki-tomcat            pki/pki-tomcat
-%if 0%{?fedora} >= 44 || 0%{?rhel} >= 11
+%if 0%{?fedora} >= 44 || 0%{?rhel} >= 10
 %mvn_file org.dogtagpki.pki:pki-tomcat-10.1       pki/pki-tomcat-10.1
 %else
 %mvn_file org.dogtagpki.pki:pki-tomcat-9.0        pki/pki-tomcat-9.0
@@ -1334,7 +1331,7 @@ fi
 %mvn_package org.dogtagpki.pki:pki-server-webapp  pki-server
 %mvn_package org.dogtagpki.pki:pki-tomcat         pki-server
 
-%if 0%{?fedora} >= 44 || 0%{?rhel} >= 11
+%if 0%{?fedora} >= 44 || 0%{?rhel} >= 10
 %mvn_package org.dogtagpki.pki:pki-tomcat-10.1    pki-server
 %else
 %mvn_package org.dogtagpki.pki:pki-tomcat-9.0     pki-server
@@ -1365,7 +1362,7 @@ export JAVA_HOME=%{java_home}
 %if %{with maven}
 # build Java binaries and run unit tests with Maven
 
-%if 0%{?fedora} >= 44 || 0%{?rhel} >= 11
+%if 0%{?fedora} >= 44 || 0%{?rhel} >= 10
 %pom_disable_module tomcat-9.0 base
 %pom_remove_dep :pki-tomcat-9.0 base/server
 %else
@@ -1387,7 +1384,7 @@ ln -sf ../../base/tools/target/pki-tools.jar
 %if %{with server}
 ln -sf ../../base/tomcat/target/pki-tomcat.jar
 
-%if 0%{?fedora} >= 44 || 0%{?rhel} >= 11
+%if 0%{?fedora} >= 44 || 0%{?rhel} >= 10
 ln -sf ../../base/tomcat-10.1/target/pki-tomcat-10.1.jar
 %else
 ln -sf ../../base/tomcat-9.0/target/pki-tomcat-9.0.jar
@@ -1453,13 +1450,6 @@ pkgs=base\
 %{?with_tests:,tests}\
 %{?with_debug:,debug}
 
-
-## Force use of tomcat 9.
-
-sed -i 's/^APP_SERVER=.*/APP_SERVER=tomcat-9.0/g' build.sh
-
-
-
 # build PKI console, Javadoc, and native binaries with CMake
 ./build.sh \
     %{?_verbose:-v} \
@@ -1980,7 +1970,7 @@ fi
 %{_datadir}/java/pki/pki-server.jar
 %{_datadir}/java/pki/pki-server-webapp.jar
 %{_datadir}/java/pki/pki-tomcat.jar
-%if 0%{?fedora} >= 44 || 0%{?rhel} >= 11
+%if 0%{?fedora} >= 44 || 0%{?rhel} >= 10
 %{_datadir}/java/pki/pki-tomcat-10.1.jar
 %else
 %{_datadir}/java/pki/pki-tomcat-9.0.jar
@@ -2172,10 +2162,6 @@ fi
 
 ################################################################################
 %changelog
-* Fri Mar 13 2026 Red Hat PKI Team <rhcs-maint@redhat.com> - 11.9.0-3
-- Revert to tomcat 9
-- Resolves: RHEL-155406
-
 * Tue Mar 10 2026 Red Hat PKI Team <rhcs-maint@redhat.com> - 11.9.0-2
 - Rebuilt for exception target
 

gating.yaml

@@ -1,8 +0,0 @@
-# recipients: rhcs-team
---- !Policy
-product_versions:
-  - rhel-10
-decision_context: osci_compose_gate
-rules:
-  - !PassingTestCaseRule {test_case_name: osci.brew-build.tier0.functional}
-  - !PassingTestCaseRule {test_case_name: idm-ci.brew-build.tier1.functional}

rpminspect.yaml

@@ -1,8 +0,0 @@
----
-specname:
-    match: suffix
-runpath:
-    allowed_paths:
-        - /usr/lib64/tps
-inspections:
-    javabytecode: off

sources

@@ -9,8 +9,8 @@ SHA512 (jakarta.annotation-api-1.3.5.jar) = 989a0d1e993c37d00c9860026a4298c65274
 SHA512 (jakarta.xml.bind-api-4.0.1.jar) = 4730c1129719e166488888f4b14edd0a4f180d67b6772b4f58fc24d747da48f84463b2a01437200f07806525662a77251a3ce83375886b7c83f2b0e34ef21add
 SHA512 (jboss-jaxrs-2.0-api-1.0.0.Final.jar) = 39a29f9259e7ceb9018447c49d4a18be31aa88775ed7999eff20b2a8f1d8daa25da520c09d0a1c53bf7f417106a64cb2d4f374038ae44511cb60dac1db714495
 SHA512 (jboss-logging-3.5.3.Final.jar) = 2f604d0318a9f10b5c867dbff4ac7a3a608a41a9383cb3fc2ef6364f28396144ead96a0526ae3dea4336109042ead81b9b9318b13e9964b2c57a26794981f5cb
+SHA512 (pki-11.9.0.tar.gz) = 94395202644d8f0ae97a2af05d547ab4fed2df78ae688074018c779c6da7c78da3ee6a2a350ce91d866290b87ff8ce56ce773c7801d663b8847bffe0090d9aa1
 SHA512 (resteasy-client-3.0.26.Final.jar) = 9f3ea65f9cb045cc2e6f4c06f9b63f8d1f78b36ae419ca8367ce11cdd82e6fe35a2d5847634d71a306e0f6d8e3a69db5930c179cf635f105a8f064becb14f2a2
 SHA512 (resteasy-jackson2-provider-3.0.26.Final.jar) = 11e76fc901f4299dacfb67f4784988511933ef170d05d2dce3cbceb5d7857827faec0f4fc7618dea0ba51267bc0ea5bc185e41a5a539e35c688b8e4d433b1792
 SHA512 (resteasy-jaxrs-3.0.26.Final.jar) = 7beb8391d7fcfb96be8ffab674613167001f99a3fb3c4661c037949a52f2658db8028d8a2f3319df06dd3f2deb8152f4cad5f681d401a8deeea9b19ad5aba266
 SHA512 (resteasy-servlet-initializer-3.0.26.Final.jar) = 47a57c0137263d45628d53cceb4a9a6a87209150aaa559b56c5085e6b7b40be8f488c8fcc8ecf8f3882fc981c6d25ba2c750db7254eebea9b2faa5087a72453c
-SHA512 (pki-11.9.0.tar.gz) = 94395202644d8f0ae97a2af05d547ab4fed2df78ae688074018c779c6da7c78da3ee6a2a350ce91d866290b87ff8ce56ce773c7801d663b8847bffe0090d9aa1

sources-download.sh

@@ -1,55 +0,0 @@
-#!/bin/sh -e
-
-download() {
-    PKG_NAME=$1
-    SUFFIX=$2
-
-    ssh "${OPTIONS[@]}" $SOURCE dnf install -y $PKG_NAME
-    VERSION=$(ssh "${OPTIONS[@]}" $SOURCE rpm -q $PKG_NAME | sed -n "s/^$PKG_NAME-\\([^-]*\\)-.*$/\\1/p")
-
-    if [ "$VERSION" == "" ]
-    then
-        echo "$PKG_NAME not found"
-        exit 1
-    fi
-
-    echo "Downloading $PKG_NAME-$VERSION"
-
-    FILES=$(ssh "${OPTIONS[@]}" $SOURCE rpm -ql $PKG_NAME | sed -n -e "/^\/usr\/share\/java\/.*\.jar$/p")
-    for FILE in $FILES
-    do
-        FILENAME=$(basename $FILE)
-        NAME=$(echo $FILENAME | sed 's/\.jar$//')
-        echo "Downloading $FILE to $NAME-$VERSION$SUFFIX.jar"
-        scp "${OPTIONS[@]}" $SOURCE:$FILE $NAME-$VERSION$SUFFIX.jar
-    done
-}
-
-SOURCE=$1
-
-if [ "$SOURCE" == "" ]
-then
-    echo "Usage: source-download.sh <username>@<hostname>"
-    exit 0
-fi
-
-OPTIONS=(-i /usr/share/qa-tools/1minutetip/1minutetip)
-
-download jakarta-activation
-download jakarta-annotations
-download jaxb-api
-
-download jackson-annotations
-download jackson-core
-download jackson-databind
-download jackson-module-jaxb-annotations
-download jackson-jaxrs-providers
-download jackson-jaxrs-json-provider
-
-download jboss-jaxrs-2.0-api .Final
-download jboss-logging .Final
-
-download pki-resteasy-core .Final
-download pki-resteasy-client .Final
-download pki-resteasy-jackson2-provider .Final
-download pki-resteasy-servlet-initializer .Final

sources-import.sh

@@ -1,14 +0,0 @@
-#!/bin/sh
-
-COMMAND=$1
-
-if [ "$COMMAND" == "" ]
-then
-    echo "Usage: source-import.sh <command>"
-    exit 0
-fi
-
-FILES=$(ls *.tar.gz)
-FILES+=($(ls *.jar))
-
-$COMMAND new-sources "${FILES[@]}"

sources-update.sh

@@ -1,12 +0,0 @@
-#!/bin/sh
-
-SOURCE=$1
-TARGET=`basename $1`
-
-cp $SOURCE $TARGET
-sha512sum --tag $TARGET > sources
-
-for FILENAME in $(ls *.jar)
-do
-   sha512sum --tag $FILENAME >> sources
-done

tests/roles/Test_Setup/files/ca.cfg

@@ -1,25 +0,0 @@
-[DEFAULT]
-pki_server_database_password=Secret.123
-
-[CA]
-pki_admin_email=caadmin@example.com
-pki_admin_name=caadmin
-pki_admin_nickname=caadmin
-pki_admin_password=Secret.123
-pki_admin_uid=caadmin
-
-pki_client_database_password=Secret.123
-pki_client_database_purge=False
-pki_client_pkcs12_password=Secret.123
-
-pki_ds_base_dn=dc=ca,dc=pki,dc=example,dc=com
-pki_ds_database=ca
-pki_ds_password=Secret.123
-
-pki_security_domain_name=EXAMPLE
-
-pki_ca_signing_nickname=ca_signing
-pki_ocsp_signing_nickname=ca_ocsp_signing
-pki_audit_signing_nickname=ca_audit_signing
-pki_sslserver_nickname=sslserver
-pki_subsystem_nickname=subsystem

tests/roles/Test_Setup/files/ds-create.sh

@@ -1,24 +0,0 @@
-#!/bin/bash -ex
-
-# This command needs to be executed as it pulls the machine name
-# dynamically.
-dscreate create-template /tmp/test_dir/ds.inf
-
-sed -i \
-    -e "s/;instance_name = .*/instance_name = localhost/g" \
-    -e "s/;root_password = .*/root_password = Secret.123/g" \
-    -e "s/;suffix = .*/suffix = dc=example,dc=com/g" \
-    -e "s/;self_sign_cert = .*/self_sign_cert = False/g" \
-    /tmp/test_dir/ds.inf
-
-dscreate from-file /tmp/test_dir/ds.inf
-
-ldapadd -H ldap://$HOSTNAME -x -D "cn=Directory Manager" -w Secret.123 << EOF
-dn: dc=example,dc=com
-objectClass: domain
-dc: example
-
-dn: dc=pki,dc=example,dc=com
-objectClass: domain
-dc: pki
-EOF

tests/roles/Test_Setup/files/kra.cfg

@@ -1,27 +0,0 @@
-[DEFAULT]
-pki_server_database_password=Secret.123
-
-[KRA]
-pki_admin_email=kraadmin@example.com
-pki_admin_name=kraadmin
-pki_admin_nickname=kraadmin
-pki_admin_password=Secret.123
-pki_admin_uid=kraadmin
-
-pki_client_database_password=Secret.123
-pki_client_database_purge=False
-pki_client_pkcs12_password=Secret.123
-
-pki_ds_base_dn=dc=kra,dc=pki,dc=example,dc=com
-pki_ds_database=kra
-pki_ds_password=Secret.123
-
-pki_security_domain_name=EXAMPLE
-pki_security_domain_user=caadmin
-pki_security_domain_password=Secret.123
-
-pki_storage_nickname=kra_storage
-pki_transport_nickname=kra_transport
-pki_audit_signing_nickname=kra_audit_signing
-pki_sslserver_nickname=sslserver
-pki_subsystem_nickname=subsystem

tests/roles/Test_Setup/tasks/main.yml

@@ -1,21 +0,0 @@
----
-
-- name: Install required packages
-  dnf:
-    name: >
-      389-ds-base, pki-ca, pki-kra
-
-- name: Creates directory
-  file: path=/tmp/test_files state=directory
-
-- name: Copying templates to /tmp folder
-  copy : src=.  dest=/tmp/test_dir
-
-- name: Setup DS Service
-  shell: sh /tmp/test_dir/ds-create.sh
-
-- name: Install CA subsystem
-  shell: pkispawn -f /tmp/test_dir/ca.cfg -s CA -v
-
-- name: Install KRA subsystem
-  shell: pkispawn -f /tmp/test_dir/kra.cfg -s KRA -v

tests/tests.yml

@@ -1,29 +0,0 @@
-- hosts: localhost
-  remote_user: root
-  tags:
-    - classic
-  roles:
-  - role: Test_Setup
-  - role: standard-test-basic
-    tests:
-    - verify_spawn_ca:
-        dir: .
-        run: "curl http://localhost:8080/ca/admin/ca/getStatus | grep '\"Status\" : \"running\"'"
-    - verify_spawn_kra:
-        dir: .
-        run: "curl http://localhost:8080/kra/admin/kra/getStatus | grep '\"Status\" : \"running\"'"
-    - destroy_kra:
-        dir: .
-        run: "pkidestroy -i pki-tomcat -s KRA && sleep 5"
-    - verify_destroy_kra:
-        dir: .
-        run: "curl http://localhost:8080/kra/admin/kra/getStatus | grep 'HTTP Status 404'"
-    - destroy_ca:
-        dir: .
-        run: "pkidestroy -i pki-tomcat -s CA"
-    - verify_destroy_ca:
-        dir: .
-        run: "curl http://localhost:8080/ca/admin/ca/getStatus  &> testfile.log || true && grep -i 'failed' testfile.log"
-    required_packages:
-    - pki-ca
-    - pki-kra