rpms
/
ipa
7
0
Fork 0
Code Issues Pull Requests Releases Activity
ipa/0004-Upgrade-fix-replica-ag...

494 lines
18 KiB
Diff
Raw Blame History

<!DOCTYPE html>
<html lang='en'>
<head>
<meta http-equiv="Content-Type" content="text/html; charset=UTF-8"/>
<title>Commit - freeipa - d29b47512a39ada02fb371521994576cd9815a6c - Pagure.io</title>
<link rel="shortcut icon" type="image/vnd.microsoft.icon"
href="/theme/static/favicon.ico?version=5.13.3"/>
<link href="/theme/static/fedora-bootstrap-1.3.0/fedora-bootstrap.min.css?version=5.13.3"
type="text/css" rel="stylesheet" />
<link href="/theme/static/fonts/fonts.css?version=5.13.3"
rel="stylesheet" type="text/css" />
<link href="/theme/static/fonts/hack_fonts/css/hack-extended.min.css?version=5.13.3"
type="text/css" rel="stylesheet" />
<link href="/theme/static/theme.css?version=5.13.3"
type="text/css" rel="stylesheet" />
<link type="text/css" rel="stylesheet" nonce="qdLhc1wjRNfkrQnukB32BzvfC" href="/static/vendor/font-awesome/font-awesome.css?version=5.13.3"/>
<link type="text/css" rel="stylesheet" nonce="qdLhc1wjRNfkrQnukB32BzvfC" href="/static/pagure.css?version=5.13.3"/>
<link rel="stylesheet" nonce="qdLhc1wjRNfkrQnukB32BzvfC" href="/static/vendor/highlight.js/styles/github.css?version=5.13.3"/>
<link rel="stylesheet" nonce="qdLhc1wjRNfkrQnukB32BzvfC" href="/static/vendor/diff2html/diff2html.css?version=5.13.3"/>
</head>
<body id="home">
<!-- start masthead -->
<nav class="navbar navbar-light masthead p-0 navbar-expand">
<div class="container">
<a href="/" class="navbar-brand">
<img height="40" src="/theme/static/pagure-logo.png?version=5.13.3"
alt="pagure Logo" id="pagureLogo"/>
</a>
<ul class="navbar-nav ml-auto">
<li class="nav-item">
<a class="btn btn-primary" href="/login/?next=https://pagure.io/freeipa/c/d29b47512a39ada02fb371521994576cd9815a6c">Log In</a>
</li>
</ul>
</div>
</nav>
<!-- close masthead-->
<div class="bodycontent">
<div class="bg-light border border-bottom pt-3">
<div class="container">
<div class="row mb-3">
<div class="col-6">
<div class="row">
<div class="col-auto pr-0">
<h3>
<i class="fa fa-calendar-o fa-rotate-270 text-muted"></i></h3>
</div>
<div class="col-auto pl-2">
<h3 class="mb-0">
<a href="/freeipa"><strong>freeipa</strong></a>
</h3>
</div>
</div>
</div>
<div class="col-6 text-right">
<div class="btn-group">
<div class="btn-group">
<a href="#"
class="btn btn-sm dropdown-toggle btn-outline-primary"
data-toggle="dropdown" id="watch-button">
<i class="fa fa-clone fa-fw"></i>
<span>Clone</span>
</a>
<div class="dropdown-menu dropdown-menu-right">
<div class="m-3" id="source-dropdown">
<div>
<h5><strong>Source Code</strong></h5>
<div class="form-group">
<div class="input-group input-group-sm">
<div class="input-group-prepend"><span class="input-group-text">GIT</span></div>
<input class="form-control bg-white select-on-focus" type="text" value="https://pagure.io/freeipa.git" readonly>
</div>
</div>
</div>
</div>
</div>
</div>
</div>
</div>
</div>
<ul class="nav nav-tabs nav-small border-bottom-0">
<li class="nav-item mr-2 text-dark">
<a class="nav-link active" href="/freeipa">
<i class="fa fa-code fa-fw text-muted"></i>
<span class="d-none d-md-inline">Source</span>
</a>
</li>
<li class="nav-item mr-2 text-dark">
<a class="nav-link" href="/freeipa/issues">
<i class="fa fa-fw text-muted fa-exclamation-circle"></i>
<span class="d-none d-md-inline">Issues&nbsp;</span>
<span class="badge badge-secondary py-0 d-none d-md-inline">
986
</span>
</a>
</li>
<li class="nav-item mr-2 text-dark">
<a class="nav-link" href="/freeipa/roadmap"
class="btn btn-outline-dark btn-sm">
<i class="fa fa-fw text-muted fa-map-signs"></i>
<span class="d-none d-md-inline">Roadmap&nbsp;</span>
</a>
</li>
<li class="nav-item mr-2 text-dark">
<a class="nav-link" href="/freeipa/stats">
<i class="fa fa-line-chart fa-fw text-muted"></i>
<span class="d-none d-md-inline">Stats</span>
</a>
</li>
</ul>
</div>
</div>
<div class="container pt-5 repo-body-container">
<div class="row">
<div class="col">
<nav class="nav nav-tabs nav-sidetabs flex-column">
<a class=
"nav-link nowrap
"
href="/freeipa">
<i class="fa fa-home text-muted fa-fw"></i>&nbsp;<span class="d-none d-md-inline">Overview</span>
</a>
<a class=
"nav-link nowrap
"
href="/freeipa/tree">
<i class="fa fa-file-code-o text-muted fa-fw"></i>&nbsp;Files
</a>
<a class=
"nav-link nowrap
active"
href="/freeipa/commits">
<i class="fa fa-list-alt text-muted fa-fw" data-glyph="spreadsheet"></i>&nbsp;Commits
</a>
<a class=
"nav-link nowrap
"
href="/freeipa/branches">
<i class="fa fa-random text-muted fa-fw"></i>&nbsp;Branches
</a>
<a class=
"nav-link nowrap
"
href="/freeipa/forks">
<i class="fa fa-code-fork text-muted fa-fw"></i>&nbsp;Forks
</a>
<a class=
"nav-link nowrap
"
href="/freeipa/releases">
<i class="fa fa-tags text-muted fa-fw"></i>&nbsp;Releases
</a>
</nav> </div>
<div class="col-10">
<div class="d-flex">
<div>
<h4 class="font-weight-bold">
<span title="d29b47512a39ada02fb371521994576cd9815a6c"><code class="text-white bg-primary">d29b475</code></span>
<span>Upgrade: fix replica agreement</span>
</h4>
<h5 class="text-muted pt-1 mb-0">
Authored and Committed by <img class="avatar circle lazyload" src="https://seccdn.libravatar.org/avatar/1e52aaae9646f0f890f5f6c771cd060c66898d5fdf78e8a6021eb2b75e27ffe2?s=16&d=retro"/> <a title='Florence Blanc-Renaud' href='/user/frenaud' >frenaud</a>
<span title="2023-06-22 15:49:40 UTC" data-toggle="tooltip">7 days ago</span>
</h5>
</div>
<div class="ml-auto">
<div class="btn-group">
<a class="btn btn-outline-primary btn-sm" href="/freeipa/raw/d29b47512a39ada02fb371521994576cd9815a6c" title="View as raw">raw</a>
<a class="btn btn-outline-primary btn-sm" href="/freeipa/c/d29b47512a39ada02fb371521994576cd9815a6c.patch">patch</a>
<a class="btn btn-outline-primary btn-sm" href="/freeipa/tree/d29b47512a39ada02fb371521994576cd9815a6c">tree</a>
<a class="btn btn-outline-primary btn-sm" title=356ec5cbfe0876686239f938bdf54892dc30571e href="/freeipa/c/356ec5cbfe0876686239f938bdf54892dc30571e">parent</a>
</div>
</div>
</div>
<div class="card border-0 mb-3">
<div class="card-header border-0 bg-white font-weight-bold p-0">
<a href="#commit-overview-collapse" data-toggle="collapse" data-target="#commit-overview-collapse">1 file changed.</a>
<span class="text-success">38 lines added</span>.
<span class="text-danger">42 lines removed</span>.
</div>
<div class="card-body p-0 collapse" id="commit-overview-collapse">
<div class="list-group ">
<a href="#_1" class="list-group-item list-group-item-action">
<div class="d-flex">
<div class="font-weight-bold">
ipaserver/install/plugins/fix_replica_agreements.py
</div>
<div class="ml-auto font-weight-bold">
<span class="font-weight-bold btn btn-sm btn-outline-secondary border-0 disabled opacity-100">file modified</span>
<div class="btn-group">
<span class="font-weight-bold btn btn-sm btn-success disabled opacity-100">+38</span>
<span class="font-weight-bold btn btn-sm btn-danger disabled opacity-100">-42</span>
</div>
</div>
</div>
</a> </div>
</div>
</div>
<div class="m-y-1">
<pre class="commit_message_body">
Upgrade: fix replica agreement
The upgrade checks the replication agreements to ensure that
some attributes are excluded from replication. The agreements
are stored in entries like
cn=serverToreplica,cn=replica,cn=_suffix_,cn=mapping tree,cn=config
but those entries are managed by the replication topology plugin
and should not be updated directly. The consequence is that the update
of the attributes fails and ipa-server-update prints an error message:
Error caught updating nsDS5ReplicatedAttributeList: Server is unwilling
to perform: Entry and attributes are managed by topology <a href="http://plugin.No" rel="nofollow">plugin.No</a> direct
modifications allowed.
Error caught updating nsDS5ReplicatedAttributeListTotal: Server is
unwilling to perform: Entry and attributes are managed by topology
<a href="http://plugin.No" rel="nofollow">plugin.No</a> direct modifications allowed.
The upgrade continues but the replication is not excluding
passwordgraceusertime.
Instead of editing the agreements, perform the modifications on
the topology segments.
Fixes: <a href="https://pagure.io/freeipa/issue/9385" rel="nofollow">https://pagure.io/freeipa/issue/9385</a>
Signed-off-by: Florence Blanc-Renaud &lt;flo@redhat.com&gt;
Reviewed-By: Rob Crittenden &lt;rcritten@redhat.com&gt;
</pre>
</div>
<section class="commit_diff">
<div class="card mt-3" id="_1">
<div class="card-header">
<div class="d-flex align-items-center">
<div>
<a class="font-weight-bold ml-2" href="/freeipa/blob/d29b47512a39ada02fb371521994576cd9815a6c/f/ipaserver/install/plugins/fix_replica_agreements.py"
title="View file as of d29b475">ipaserver/install/plugins/fix_replica_agreements.py</a>
</div>
<div class="d-flex align-items-center ml-auto">
<div class="btn btn-outline-secondary disabled opacity-100 border-0 font-weight-bold">file modified</div>
<div class="btn-group">
<span class="btn btn-success btn-sm font-weight-bold disabled opacity-100">+38</span>
<span class="btn btn-danger btn-sm font-weight-bold disabled opacity-100">-42</span>
</div>
<a class="btn btn-outline-primary btn-sm ml-2" href="/freeipa/blob/d29b47512a39ada02fb371521994576cd9815a6c/f/ipaserver/install/plugins/fix_replica_agreements.py"
title="View file as of d29b475">
<i class="fa fa-file-code-o fa-fw"></i>
</a>
<a href="diff2html_1" class="btn btn-sm btn-outline-primary diffcollapse ml-2" data-toggle="collapse" data-target="#diff2html_1">
<i class="fa fa-fw fa-caret-up"></i>
</a>
</div></div>
</div>
<div class="diff2html-output collapse show" data-diffno="1" id="diff2html_1"></div>
</div>
</section>
</div>
</div>
</div>
</div>
<div class="footer pt-4 text-white">
<div class="container">
<div class="d-flex align-items-center">
<div>
<div>Powered by <a href="https://pagure.io/pagure" class="notblue">Pagure</a> 5.13.3</div>
<div>
<a href="https://docs.pagure.org/pagure/usage/index.html" class="notblue">Documentation</a> &bull;
<a href="https://pagure.io/pagure/new_issue" class="notblue">File an Issue</a> &bull;
<a href="/about">About</a> &bull;
<a href="/ssh_info" class="notblue">SSH Hostkey/Fingerprint</a>
</div>
</div>
<div class="ml-auto text-right">
<div>&copy; Red Hat, Inc. and others.</div>
</div>
</div>
</div>
</div>
<script type="text/javascript" nonce="qdLhc1wjRNfkrQnukB32BzvfC" src="/static/vendor/jquery/jquery.min.js?version=5.13.3"></script>
<script src="/static/vendor/bootstrap/bootstrap.bundle.min.js?version=5.13.3"></script>
<script type="text/javascript" nonce="qdLhc1wjRNfkrQnukB32BzvfC">
$('[data-toggle="tooltip"]').tooltip({placement : 'bottom'});
$(".cancel_btn").click(function() {
history.back();
});
</script>
<script type="text/javascript" nonce="qdLhc1wjRNfkrQnukB32BzvfC" src="/static/vendor/lazyload/lazyload.min.js?version=5.13.3"></script>
<script type="text/javascript" nonce="qdLhc1wjRNfkrQnukB32BzvfC">
window.addEventListener("load", function(event) {
lazyload();
});
</script>
<script type="text/javascript" nonce="qdLhc1wjRNfkrQnukB32BzvfC">
$("#giturl-toggle").on('click', function(event){
event.stopPropagation();
$("#giturl-more").toggle();
$("#giturl-toggle").hide();
})
$(".fork_project_btn").click(function() {
$('#fork_project').submit();
});
$(".select-on-focus").on("focus", function() {
$(this).select();
});
</script>
<script type="text/javascript" nonce="qdLhc1wjRNfkrQnukB32BzvfC" src="/static/vendor/diff2html/diff2html.min.js?version=5.13.3"></script>
<script type="text/javascript" nonce="qdLhc1wjRNfkrQnukB32BzvfC" src="/static/vendor/highlight.js/highlight.pack.js?version=5.13.3"></script>
<script type="text/javascript" nonce="qdLhc1wjRNfkrQnukB32BzvfC" src="/static/vendor/highlight.js/spec.js?version=5.13.3"></script>
<script type="text/javascript" nonce="qdLhc1wjRNfkrQnukB32BzvfC" src="/static/vendor/diff2html/diff2html-ui.min.js?version=5.13.3"></script>
<script type="text/javascript" nonce="qdLhc1wjRNfkrQnukB32BzvfC">
$(document).ready(function() {
$(".diffcollapse").click(function(e){
$(this).find("i").toggleClass("fa-caret-down fa-caret-up")
});
});
$(function(){
$('#diff_list_link').click(function(){
$('#diff_list').toggle();
});
});
$.ajax({
url: '/freeipa/c/d29b47512a39ada02fb371521994576cd9815a6c.diff?js=True' ,
type: 'GET',
dataType: 'json',
success: function(res) {
$(".diff2html-output").each(function(){
var diffString = res[$(this).attr("data-diffno")];
var diff2htmlUi = new Diff2HtmlUI({diff: diffString});
diff2htmlUi.draw('#diff2html_'+$(this).attr("data-diffno"), {inputFormat: 'diff'});
diff2htmlUi.highlightCode('#diff2html_'+$(this).attr("data-diffno"));
});
}
});
$.ajax({
url: '/pv/branches/commit/' ,
type: 'POST',
data: {
repo: "freeipa",
repouser: "",
namespace: "",
commit_id: "d29b47512a39ada02fb371521994576cd9815a6c",
csrf_token: "IjBlMjNjZTVhYTU0ZTdiNDg1ODAyM2E4YjRmM2NmZjBhZjkwZTM0ZjQi.F394iA.hp0mU_A319AwGFwaTxBoPMzh1VQ",
},
dataType: 'json',
success: function(res) {
if (res.branches.length == 0){
return;
}
var _br = '';
for (var i = 0; i < res.branches.length; ++i) {
if (_br.length > 0){
_br += ', ';
}
_br += res.branches[i]
}
var el = $('#diff-file-1');
if (!el){
return;
}
el.before(
'<div class=""><i class="fa fa-code-fork"></i> '
+ _br + '</div>');
}
});
</script>
</body>
</html>From 93d97b59600c15e5028ee39b0e98450544165158 Mon Sep 17 00:00:00 2001
From: Florence Blanc-Renaud <flo@redhat.com>
Date: Jun 22 2023 15:49:40 +0000
Subject: Integration tests: add a test to ipa-server-upgrade
Add an integration test ensuring that the upgrade
properly updates the attributes to be excluded from
replication.
Related: https://pagure.io/freeipa/issue/9385
Signed-off-by: Florence Blanc-Renaud <flo@redhat.com>
Reviewed-By: Rob Crittenden <rcritten@redhat.com>
---
diff --git a/ipatests/test_integration/test_simple_replication.py b/ipatests/test_integration/test_simple_replication.py
index 17092a4..d1e65ef 100644
--- a/ipatests/test_integration/test_simple_replication.py
+++ b/ipatests/test_integration/test_simple_replication.py
@@ -23,8 +23,10 @@ import pytest
from ipaplatform.paths import paths
from ipapython.dn import DN
+from ipaserver.install.replication import EXCLUDES
from ipatests.pytest_ipa.integration import tasks
from ipatests.test_integration.base import IntegrationTest
+from ipatests.test_integration.test_topology import find_segment
def check_replication(source_host, dest_host, login):
@@ -104,6 +106,34 @@ class TestSimpleReplication(IntegrationTest):
[paths.IPA_CUSTODIA_CHECK, self.master.hostname]
)
+ def test_fix_agreements(self):
+ """Test that upgrade fixes the list of attributes excluded from repl
+
+ Test for ticket 9385
+ """
+ # Prepare the server by removing some values from
+ # from the nsDS5ReplicatedAttributeList
+ segment = find_segment(self.master, self.replicas[0], "domain")
+ self.master.run_command([
+ "ipa", "topologysegment-mod", "domain", segment,
+ "--replattrs",
+ "(objectclass=*) $ EXCLUDE memberof idnssoaserial entryusn"])
+ # Run the upgrade
+ result = self.master.run_command(["ipa-server-upgrade"])
+ # Ensure that the upgrade updated the attribute without error
+ errmsg = "Error caught updating nsDS5ReplicatedAttributeList"
+ assert errmsg not in result.stdout_text
+ # Check the updated value
+ suffix = DN(self.master.domain.basedn)
+ dn = DN(('cn', str(suffix)), ('cn', 'mapping tree'), ('cn', 'config'))
+ result = tasks.ldapsearch_dm(self.master, str(dn),
+ ["nsDS5ReplicatedAttributeList"])
+ output = result.stdout_text.lower()
+
+ template = 'nsDS5ReplicatedAttributeList: (objectclass=*) $ EXCLUDE %s'
+ expected_value = template % " ".join(EXCLUDES)
+ assert expected_value.lower() in output
+
def test_replica_removal(self):
"""Test replica removal"""
result = self.master.run_command(['ipa-replica-manage', 'list'])
Reference in New Issue View Git Blame Copy Permalink