.gitignore

@@ -1 +1,103 @@
-SOURCES/pki-10.15.1.tar.gz
+/pki-core-9.0.0.tar.gz
+/pki-core-9.0.1.tar.gz
+/pki-core-9.0.2.tar.gz
+/pki-core-9.0.3.tar.gz
+/pki-core-9.0.5.tar.gz
+/pki-core-9.0.6.tar.gz
+/pki-core-9.0.7.tar.gz
+/pki-core-9.0.9.tar.gz
+/pki-core-9.0.14.tar.gz
+/pki-core-9.0.15.tar.gz
+/pki-core-9.0.16.tar.gz
+/pki-core-9.0.17.tar.gz
+/pki-core-9.0.18.tar.gz
+/pki-core-9.0.19.tar.gz
+/pki-core-9.0.20.tar.gz
+/pki-core-9.0.21.tar.gz
+/pki-core-10.0.0.a1.tar.gz
+/pki-core-10.0.0.a2.tar.gz
+/pki-core-10.0.0.b1.tar.gz
+/pki-core-10.0.0.b2.tar.gz
+/pki-core-10.0.0.b3.tar.gz
+/pki-core-10.0.0.tar.gz
+/pki-core-10.0.1.tar.gz
+/pki-core-10.0.2.tar.gz
+/pki-core-10.0.3.tar.gz
+/pki-core-10.0.4.tar.gz
+/pki-core-10.0.5.tar.gz
+/pki-core-10.1.0.tar.gz
+/pki-core-10.2.0.tar.gz
+/pki-core-10.2.1.tar.gz
+/pki-core-10.2.3.tar.gz
+/pki-core-10.2.4.tar.gz
+/pki-core-10.2.5.tar.gz
+/pki-core-10.2.6.tar.gz
+/pki-core-10.3.0.a1.tar.gz
+/pki-core-10.3.0.a2.tar.gz
+/pki-core-10.3.0.b1.tar.gz
+/pki-core-10.3.1.tar.gz
+/pki-core-10.3.2.tar.gz
+/pki-core-10.3.3.tar.gz
+/pki-core-10.3.5.tar.gz
+/pki-core-10.4.0.tar.gz
+/pki-core-10.4.1.tar.gz
+/pki-core-10.4.2.tar.gz
+/pki-core-10.4.3.tar.gz
+/pki-core-10.4.4.tar.gz
+/pki-core-10.4.5.tar.gz
+/pki-core-10.4.7.tar.gz
+/pki-core-10.4.8.tar.gz
+/pki-core-10.5.0.tar.gz
+/pki-core-10.5.1.tar.gz
+/pki-core-10.5.2.tar.gz
+/pki-core-10.5.3.tar.gz
+/pki-core-10.5.4.tar.gz
+/pki-core-10.5.5.tar.gz
+/pki-core-10.5.6.tar.gz
+/pki-core-10.6.0.tar.gz
+/pki-10.6.0.tar.gz
+/pki-10.6.0-beta2.tar.gz
+/pki-10.6.1.tar.gz
+/pki-10.6.1-2.patch
+/pki-10.6.2.tar.gz
+/pki-10.6.3.tar.gz
+/pki-10.6.4.tar.gz
+/pki-10.6.5.tar.gz
+/pki-10.6.6.tar.gz
+/pki-10.6.7.tar.gz
+/pki-10.6.8.tar.gz
+/pki-10.6.9.tar.gz
+/pki-10.7.0.tar.gz
+/pki-10.7.3.tar.gz
+/pki-10.8.3.tar.gz
+/pki-10.9.0-a2.tar.gz
+/pki-10.9.0-b2.tar.gz
+/pki-10.9.1.tar.gz
+/pki-10.9.2.tar.gz
+/pki-10.9.4.tar.gz
+/pki-10.10.0-b1.tar.gz
+/pki-10.10.0.tar.gz
+/pki-10.10.2.tar.gz
+/pki-10.10.3.tar.gz
+/pki-10.10.5.tar.gz
+/pki-10.11.0-alpha1.tar.gz
+/pki-11.0.0-alpha1.tar.gz
+/pki-11.0.0-beta1.tar.gz
+/pki-11.0.0.tar.gz
+/pki-11.0.1.tar.gz
+/pki-11.0.3.tar.gz
+/pki-11.2.0-beta1.tar.gz
+/pki-11.2.0-beta2.tar.gz
+/pki-11.2.0-beta3.tar.gz
+/pki-11.2.0.tar.gz
+/pki-11.2.1.tar.gz
+/pki-11.3.0-beta1.tar.gz
+/pki-11.3.0.tar.gz
+/pki-11.4.2.tar.gz
+/pki-11.5.0-alpha4.tar.gz
+/pki-11.5.0-alpha5.tar.gz
+/pki-11.5.0-alpha6.tar.gz
+/pki-11.5.0-alpha7.tar.gz
+/pki-11.5.0-alpha8.tar.gz
+/pki-11.5.0.tar.gz
+/pki-11.5.1.tar.gz

.pki-core.metadata

@@ -1 +0,0 @@
-cd9d17a0853ba94513f9622c675ea610bb209b48 SOURCES/pki-10.15.1.tar.gz

copr-build.sh

@@ -0,0 +1,9 @@
+#!/bin/sh
+
+REPO=$1
+
+if [ "$REPO" == "" ]; then
+    REPO="pki-10.6"
+fi
+
+fedpkg copr-build --nowait $REPO

gating.yaml

@@ -0,0 +1,8 @@
+# recipients: rhcs-team
+--- !Policy
+product_versions:
+  - rhel-9
+decision_context: osci_compose_gate
+rules:
+  - !PassingTestCaseRule {test_case_name: osci.brew-build.tier0.functional}
+  - !PassingTestCaseRule {test_case_name: idm-ci.brew-build.tier1.functional}

pki-core.rpmlintrc

@@ -0,0 +1,4 @@
+addFilter('W: spelling-error')
+addFilter('W: dangling-symlink')
+addFilter('W: no-manual-page-for-binary')
+addFilter('W: log-files-without-logrotate')

rpminspect.yaml

@@ -0,0 +1,8 @@
+---
+specname:
+    match: suffix
+runpath:
+    allowed_paths:
+        - /usr/lib64/tps
+inspections:
+    javabytecode: off

sources

@@ -0,0 +1 @@
+SHA512 (pki-11.5.1.tar.gz) = 7e65dc91398463790484cdf58e38b5747bfe18ff1235bb9a5bbd79a9bdf0d22c9f4c5feda40aa3927feef0162fd3d124d46be71c5c2f93ab9440289e126b2614

sources-update.sh

@@ -0,0 +1,7 @@
+#!/bin/sh
+
+SOURCE=$1
+TARGET=`basename $1`
+
+cp $SOURCE $TARGET
+sha512sum --tag $TARGET > sources

tests/roles/Test_Setup/files/ca.cfg

@@ -0,0 +1,25 @@
+[DEFAULT]
+pki_server_database_password=Secret.123
+
+[CA]
+pki_admin_email=caadmin@example.com
+pki_admin_name=caadmin
+pki_admin_nickname=caadmin
+pki_admin_password=Secret.123
+pki_admin_uid=caadmin
+
+pki_client_database_password=Secret.123
+pki_client_database_purge=False
+pki_client_pkcs12_password=Secret.123
+
+pki_ds_base_dn=dc=ca,dc=pki,dc=example,dc=com
+pki_ds_database=ca
+pki_ds_password=Secret.123
+
+pki_security_domain_name=EXAMPLE
+
+pki_ca_signing_nickname=ca_signing
+pki_ocsp_signing_nickname=ca_ocsp_signing
+pki_audit_signing_nickname=ca_audit_signing
+pki_sslserver_nickname=sslserver
+pki_subsystem_nickname=subsystem

tests/roles/Test_Setup/files/ds-create.sh

@@ -0,0 +1,24 @@
+#!/bin/bash -ex
+
+# This command needs to be executed as it pulls the machine name
+# dynamically.
+dscreate create-template /tmp/test_dir/ds.inf
+
+sed -i \
+    -e "s/;instance_name = .*/instance_name = localhost/g" \
+    -e "s/;root_password = .*/root_password = Secret.123/g" \
+    -e "s/;suffix = .*/suffix = dc=example,dc=com/g" \
+    -e "s/;self_sign_cert = .*/self_sign_cert = False/g" \
+    /tmp/test_dir/ds.inf
+
+dscreate from-file /tmp/test_dir/ds.inf
+
+ldapadd -h $HOSTNAME -x -D "cn=Directory Manager" -w Secret.123 << EOF
+dn: dc=example,dc=com
+objectClass: domain
+dc: example
+
+dn: dc=pki,dc=example,dc=com
+objectClass: domain
+dc: pki
+EOF

tests/roles/Test_Setup/files/kra.cfg

@@ -0,0 +1,27 @@
+[DEFAULT]
+pki_server_database_password=Secret.123
+
+[KRA]
+pki_admin_email=kraadmin@example.com
+pki_admin_name=kraadmin
+pki_admin_nickname=kraadmin
+pki_admin_password=Secret.123
+pki_admin_uid=kraadmin
+
+pki_client_database_password=Secret.123
+pki_client_database_purge=False
+pki_client_pkcs12_password=Secret.123
+
+pki_ds_base_dn=dc=kra,dc=pki,dc=example,dc=com
+pki_ds_database=kra
+pki_ds_password=Secret.123
+
+pki_security_domain_name=EXAMPLE
+pki_security_domain_user=caadmin
+pki_security_domain_password=Secret.123
+
+pki_storage_nickname=kra_storage
+pki_transport_nickname=kra_transport
+pki_audit_signing_nickname=kra_audit_signing
+pki_sslserver_nickname=sslserver
+pki_subsystem_nickname=subsystem

tests/roles/Test_Setup/tasks/main.yml

@@ -0,0 +1,21 @@
+---
+
+- name: Install required packages
+  dnf:
+    name: >
+      389-ds-base, pki-ca, pki-kra
+
+- name: Creates directory
+  file: path=/tmp/test_files state=directory
+
+- name: Copying templates to /tmp folder
+  copy : src=.  dest=/tmp/test_dir
+
+- name: Setup DS Service
+  shell: sh /tmp/test_dir/ds-create.sh
+
+- name: Install CA subsystem
+  shell: pkispawn -f /tmp/test_dir/ca.cfg -s CA -v
+
+- name: Install KRA subsystem
+  shell: pkispawn -f /tmp/test_dir/kra.cfg -s KRA -v

tests/tests.yml

@@ -0,0 +1,29 @@
+- hosts: localhost
+  remote_user: root
+  tags:
+    - classic
+  roles:
+  - role: Test_Setup
+  - role: standard-test-basic
+    tests:
+    - verify_spawn_ca:
+        dir: .
+        run: "curl http://localhost:8080/ca/admin/ca/getStatus | grep '\"Status\" : \"running\"'"
+    - verify_spawn_kra:
+        dir: .
+        run: "curl http://localhost:8080/kra/admin/kra/getStatus | grep '\"Status\" : \"running\"'"
+    - destroy_kra:
+        dir: .
+        run: "pkidestroy -i pki-tomcat -s KRA && sleep 5"
+    - verify_destroy_kra:
+        dir: .
+        run: "curl http://localhost:8080/kra/admin/kra/getStatus | grep 'HTTP Status 404'"
+    - destroy_ca:
+        dir: .
+        run: "pkidestroy -i pki-tomcat -s CA"
+    - verify_destroy_ca:
+        dir: .
+        run: "curl http://localhost:8080/ca/admin/ca/getStatus  &> testfile.log || true && grep 'Connection refused' testfile.log"
+    required_packages:
+    - pki-ca
+    - pki-kra