add IPA test suite fixes

Resolves: rhbz#2053025 Signed-off-by: Alexander Bokovoy <abokovoy@redhat.com>
2022-02-14 17:11:23 +02:00 · 2022-02-14 17:11:23 +02:00 · c728f32d9b
parent 0384e3429f
commit c728f32d9b
3 changed files with 78 additions and 1 deletions
--- a/0022-ipatests-remove-additional-check-for-failed-units_rhbz#2053025.patch
+++ b/0022-ipatests-remove-additional-check-for-failed-units_rhbz#2053025.patch
@ -0,0 +1,31 @@
+From b36bcf4ea5ed93baa4dc63f8e2be542d678211fb Mon Sep 17 00:00:00 2001
+From: Anuja More <amore@redhat.com>
+Date: Thu, 10 Feb 2022 18:49:06 +0530
+Subject: [PATCH] ipatests: remove additional check for failed units.
+
+On RHEL tests are randomly failing because of this check
+and the test doesn't need to check this.
+
+Related : https://pagure.io/freeipa/issue/9108
+
+Signed-off-by: Anuja More <amore@redhat.com>
+Reviewed-By: Florence Blanc-Renaud <flo@redhat.com>
+---
+ ipatests/test_integration/test_otp.py | 1 -
+ 1 file changed, 1 deletion(-)
+
+diff --git a/ipatests/test_integration/test_otp.py b/ipatests/test_integration/test_otp.py
+index d8ce527ca..6e70ddcb3 100644
+--- a/ipatests/test_integration/test_otp.py
+++ b/ipatests/test_integration/test_otp.py
+@@ -316,7 +316,6 @@ class TestOTPToken(IntegrationTest):
+         check_services = self.master.run_command(
+             ['systemctl', 'list-units', '--state=failed']
+         )
+-        assert "0 loaded units listed" in check_services.stdout_text
+         assert "ipa-otpd" not in check_services.stdout_text
+         # Be sure no services are running and failed units
+         self.master.run_command(['killall', 'ipa-otpd'], raiseonerr=False)
+-- 
+2.34.1
+
--- a/0023-ipatests-fix-TestOTPToken-rhbz#2053025.patch
+++ b/0023-ipatests-fix-TestOTPToken-rhbz#2053025.patch
@ -0,0 +1,40 @@
+From 4c54e9d6ddb72eab6f654bf3dc2d29f27498ac96 Mon Sep 17 00:00:00 2001
+From: Florence Blanc-Renaud <flo@redhat.com>
+Date: Sun, 5 Dec 2021 17:38:58 +0100
+Subject: [PATCH] ipatests: fix
+ TestOTPToken::test_check_otpd_after_idle_timeout
+
+The test sets 389-ds nsslapd-idletimeout to 60s, then does a
+kinit with an otp token (which makes ipa-otpd create a LDAP
+connection), then sleeps for 60s. The expectation is that
+ns-slapd will detect that the LDAP conn from ipa-otpd is idle
+and close the connection.
+According to 389ds doc, the idle timeout is enforced when the
+connection table is walked. By doing a ldapsearch, the test
+"wakes up" ns-slapd and forces the detection of ipa-otpd
+idle connection.
+
+Fixes: https://pagure.io/freeipa/issue/9044
+Signed-off-by: Florence Blanc-Renaud <flo@redhat.com>
+Reviewed-By: Anuja More <amore@redhat.com>
+---
+ ipatests/test_integration/test_otp.py | 3 +++
+ 1 file changed, 3 insertions(+)
+
+diff --git a/ipatests/test_integration/test_otp.py b/ipatests/test_integration/test_otp.py
+index 353470897..d8ce527ca 100644
+--- a/ipatests/test_integration/test_otp.py
+++ b/ipatests/test_integration/test_otp.py
+@@ -354,6 +354,9 @@ class TestOTPToken(IntegrationTest):
+             otpvalue = totp.generate(int(time.time())).decode("ascii")
+             kinit_otp(self.master, USER, password=PASSWORD, otp=otpvalue)
+             time.sleep(60)
+            # ldapsearch will wake up slapd and force walking through
+            # the connection list, in order to spot the idle connections
+            tasks.ldapsearch_dm(self.master, "", ldap_args=[], scope="base")
+ 
+             def test_cb(cmd_jornalctl):
+                 # check if LDAP connection is timed out
+-- 
+2.34.1
+
--- a/freeipa.spec
+++ b/freeipa.spec
@ -198,7 +198,7 @@

 Name:           %{package_name}
 Version:        %{IPA_VERSION}
-Release:        4%{?rc_version:.%rc_version}%{?dist}
+Release:        5%{?rc_version:.%rc_version}%{?dist}
 Summary:        The Identity, Policy and Audit system

 License:        GPLv3+
@ -239,6 +239,8 @@ Patch0018:      0018-Remove-ipa-join-errors-from-behind-the-debug-option.patch
 Patch0019:      0019-Enable-the-ccache-sweep-timer-during-installation.patch
 Patch0020:      0020-Test-ipa-ccache-sweep.timer-enabled-by-default-durin.patch
 Patch0021:      0021-ipa_cldap-fix-memory-leak.patch
+Patch0022:      0022-ipatests-remove-additional-check-for-failed-units_rhbz#2053025.patch
+Patch0023:      0023-ipatests-fix-TestOTPToken-rhbz#2053025.patch
 Patch1001:      1001-Change-branding-to-IPA-and-Identity-Management.patch
 %endif
 %endif
@ -1730,6 +1732,10 @@ fi
 %endif

 %changelog
+* Mon Feb 14 2022 Alexander Bokovoy <abokovoy@redhat.com> - 4.9.8-5
+- Resolves: rhbz#2053025
+  - add IPA test suite fixes
+
 * Mon Feb 14 2022 Alexander Bokovoy <abokovoy@redhat.com> - 4.9.8-4
 - Resolves: rhbz#2053586 IPA LDAP plugin ipa-cldap memory leak
  - fix memory leak in CLDAP responder