15 changed files with 22 additions and 511 deletions
--- a/.gitignore
+++ b/.gitignore
@ -1,2 +1 @@
-SOURCES/pki-10.14.3.tar.gz
-/pki-10.14.3.tar.gz
+SOURCES/pki-10.15.0.tar.gz
--- a/.pki-core.metadata
+++ b/.pki-core.metadata
@ -0,0 +1 @@
+93ab86c656d28da1aeb388e6d4d1d88bb64b2dee SOURCES/pki-10.15.0.tar.gz
--- a/0001-Fix-pki-healthcheck-for-clones.patch
+++ b/0001-Fix-pki-healthcheck-for-clones.patch
@ -1,332 +0,0 @@
-From 7d62105c676fc79e0c32766c41cd034655a524ff Mon Sep 17 00:00:00 2001
-From: "Endi S. Dewata" <edewata@redhat.com>
-Date: Tue, 25 Jan 2022 16:29:53 -0600
-Subject: [PATCH] Fix pki-healthcheck for clones
-
-Previously the ClonesConnectivyAndDataCheck.check_kra_clones()
-was trying to check KRA clone status by retrieving a key using
-the subsystem cert. This operation did not work since the user
-associated with the cert did not have access to the keys. The
-code has been changed to get the status from GetStatus service
-instead. The original code might be moved into IPA later so it
-could run with IPA's RA agent credentials which would allow
-access to the keys.
-
-Previously the ClonesPlugin.contact_subsystem_using_sslget()
-used sslget to call GetStatus service and returned the entire
-output which was then incorrectly processed in XML format. The
-method has been renamed to get_status() and changed to use
-PKIConnection and process the response in either JSON or XML
-format, then only return the subsystem status. All callers
-have been updated accordingly.
-
-The ClonesPlugin.contact_subsystem_using_pki() is no longer
-used so it has been removed.
---
- .../clones/connectivity_and_data.py           | 130 ++++++++----------
- .../pki/server/healthcheck/clones/plugin.py   |  75 ++++------
- base/server/python/pki/server/__init__.py     |   8 +-
- 3 files changed, 91 insertions(+), 122 deletions(-)
-
-diff --git a/base/server/healthcheck/pki/server/healthcheck/clones/connectivity_and_data.py b/base/server/healthcheck/pki/server/healthcheck/clones/connectivity_and_data.py
-index ca5d6dae48..d9bb480f7f 100644
--- a/base/server/healthcheck/pki/server/healthcheck/clones/connectivity_and_data.py
-+++ b/base/server/healthcheck/pki/server/healthcheck/clones/connectivity_and_data.py
-@@ -46,93 +46,83 @@ class ClonesConnectivyAndDataCheck(ClonesPlugin):
- 
-     def check_kra_clones(self):
-         for host in self.clone_kras:
-            cur_clone_msg = ' Host: ' + host.Hostname + ' Port: ' + host.SecurePort
-            # Reach out and get some keys or requests , to serve as a data and connectivity check
-+
-+            url = 'https://' + host.Hostname + ':' + host.SecurePort
-+
-             try:
-                client_nick = self.security_domain.config.get('ca.connector.KRA.nickName')
-
-                output = self.contact_subsystem_using_pki(
-                    host.SecurePort, host.Hostname, client_nick,
-                    self.passwd, self.db_dir, 'kra-key-show', ['0x01'])
-
-                # check to see if we either got a key or a key not found exception
-                # of which either will imply a successful connection
-                if output is not None:
-                    key_found = output.find('Key ID:')
-                    key_not_found = output.find('KeyNotFoundException:')
-                    if key_found >= 0:
-                        logger.info('Key material found from kra clone.')
-
-                    if key_not_found >= 0:
-                        logger.info('key not found, possibly empty kra')
-
-                    if key_not_found == -1 and key_found == -1:
-                        logger.info('Failure to get key material from kra')
-                        raise BaseException('KRA clone problem detected ' + cur_clone_msg)
-                else:
-                    raise BaseException('No data obtained from KRA clone.' + cur_clone_msg)
-+                status = self.get_status(
-+                    host.Hostname,
-+                    host.SecurePort,
-+                    '/kra/admin/kra/getStatus')
- 
-            except BaseException as e:
-                logger.error("Internal error testing KRA clone. %s", e)
-                raise BaseException('Internal error testing KRA clone.' + cur_clone_msg)
-+                logger.info('KRA at %s is %s', url, status)
- 
-        return
-+                if status != 'running':
-+                    raise Exception('KRA at %s is %s' % (url, status))
-+
-+            except Exception as e:
-+                logger.error('Unable to reach KRA at %s: %s', url, e)
-+                raise Exception('Unable to reach KRA at %s: %s' % (url, e))
- 
-     def check_ocsp_clones(self):
-         for host in self.clone_ocsps:
-            cur_clone_msg = ' Host: ' + host.Hostname + ' Port: ' + host.SecurePort
-            # Reach out to the ocsp clones
-+
-+            url = 'https://' + host.Hostname + ':' + host.SecurePort
-+
-             try:
-                output = self.contact_subsystem_using_sslget(
-                    host.SecurePort, host.Hostname, None,
-                    self.passwd, self.db_dir, None, '/ocsp/admin/ocsp/getStatus')
-
-                good_status = output.find('<State>1</State>')
-                if good_status == -1:
-                    raise BaseException('OCSP clone problem detected.' + cur_clone_msg)
-                logger.info('good_status %s ', good_status)
-            except BaseException as e:
-                logger.error("Internal error testing OCSP clone.  %s", e)
-                raise BaseException('Internal error testing OCSP clone.' + cur_clone_msg)
-+                status = self.get_status(
-+                    host.Hostname,
-+                    host.SecurePort,
-+                    '/ocsp/admin/ocsp/getStatus')
- 
-        return
-+                logger.info('OCSP at %s is %s', url, status)
-+
-+                if status != 'running':
-+                    raise Exception('OCSP at %s is %s' % (url, status))
-+
-+            except Exception as e:
-+                logger.error('Unable to reach OCSP at %s: %s', url, e)
-+                raise Exception('Unable to reach OCSP at %s: %s' % (url, e))
- 
-     def check_tks_clones(self):
-         for host in self.clone_tkss:
-            cur_clone_msg = ' Host: ' + host.Hostname + ' Port: ' + host.SecurePort
-            # Reach out to the tks clones
-+
-+            url = 'https://' + host.Hostname + ':' + host.SecurePort
-+
-             try:
-                output = self.contact_subsystem_using_sslget(
-                    host.SecurePort, host.Hostname, None,
-                    self.passwd, self.db_dir, None, '/tks/admin/tks/getStatus')
-
-                good_status = output.find('<State>1</State>')
-                if good_status == -1:
-                    raise BaseException('TKS clone problem detected.' + cur_clone_msg)
-                logger.info('good_status %s ', good_status)
-            except BaseException as e:
-                logger.error("Internal error testing TKS clone. %s", e)
-                raise BaseException('Internal error testing TKS clone.' + cur_clone_msg)
-+                status = self.get_status(
-+                    host.Hostname,
-+                    host.SecurePort,
-+                    '/tks/admin/tks/getStatus')
- 
-        return
-+                logger.info('TKS at %s is %s', url, status)
-+
-+                if status != 'running':
-+                    raise Exception('TKS at %s is %s' % (url, status))
-+
-+            except Exception as e:
-+                logger.error('Unable to reach TKS at %s: %s', url, e)
-+                raise Exception('Unable to reach TKS at %s: %s' % (url, e))
- 
-     def check_tps_clones(self):
-         for host in self.clone_tpss:
-            cur_clone_msg = ' Host: ' + host.Hostname + ' Port: ' + host.SecurePort
-            # Reach out to the tps clones
-+
-+            url = 'https://' + host.Hostname + ':' + host.SecurePort
-+
-             try:
-                output = self.contact_subsystem_using_sslget(
-                    host.SecurePort, host.Hostname, None,
-                    self.passwd, self.db_dir, None, '/tps/admin/tps/getStatus')
-
-                good_status = output.find('<State>1</State>')
-                if good_status == -1:
-                    raise BaseException('TPS clone problem detected.' + cur_clone_msg)
-                logger.info('good_status  %s ', good_status)
-            except BaseException as e:
-                logger.error("Internal error testing TPS clone. %s", e)
-                raise BaseException('Internal error testing TPS clone.' + cur_clone_msg)
-        return
-+                status = self.get_status(
-+                    host.Hostname,
-+                    host.SecurePort,
-+                    '/tps/admin/tps/getStatus')
-+
-+                logger.info('TPS at %s is %s', url, status)
-+
-+                if status != 'running':
-+                    raise Exception('TPS at %s is %s' % (url, status))
-+
-+            except Exception as e:
-+                logger.error('Unable to reach TPS at %s: %s', url, e)
-+                raise Exception('Unable to reach TPS at %s: %s' % (url, e))
- 
-     @duration
-     def check(self):
-diff --git a/base/server/healthcheck/pki/server/healthcheck/clones/plugin.py b/base/server/healthcheck/pki/server/healthcheck/clones/plugin.py
-index 2472f35b5b..824c36a1a9 100644
--- a/base/server/healthcheck/pki/server/healthcheck/clones/plugin.py
-+++ b/base/server/healthcheck/pki/server/healthcheck/clones/plugin.py
-@@ -6,6 +6,10 @@
- # SPDX-License-Identifier: GPL-2.0-or-later
- #
- 
-+import json
-+import logging
-+import xml.etree.ElementTree as ET
-+
- from ipahealthcheck.core.plugin import Plugin, Registry
- from pki.server.instance import PKIInstance
- from pki.client import PKIConnection
-@@ -13,9 +17,6 @@ from pki.system import SecurityDomainClient
- 
- from pki.server.healthcheck.core.main import merge_dogtag_config
- 
-import logging
-import subprocess
-
- logger = logging.getLogger(__name__)
- 
- # Temporary workaround to skip VERBOSE data. Fix already pushed to upstream
-@@ -46,60 +47,36 @@ class ClonesPlugin(Plugin):
- 
-         self.instance = PKIInstance(self.config.instance_name)
- 
-    def contact_subsystem_using_pki(
-            self, subport, subhost, subsystemnick,
-            token_pwd, db_path, cmd, exts=None):
-        command = ["/usr/bin/pki",
-                   "-p", str(subport),
-                   "-h", subhost,
-                   "-n", subsystemnick,
-                   "-P", "https",
-                   "-d", db_path,
-                   "-c", token_pwd,
-                   cmd]
-
-        if exts is not None:
-            command.extend(exts)
-
-        output = None
-        try:
-            output = subprocess.check_output(command, stderr=subprocess.STDOUT)
-        except subprocess.CalledProcessError as e:
-            output = e.output.decode('utf-8')
-            return output
-+    def get_status(self, host, port, path):
- 
-        output = output.decode('utf-8')
-+        self.instance.export_ca_cert()
- 
-        return output
-+        connection = PKIConnection(
-+            protocol='https',
-+            hostname=host,
-+            port=port,
-+            cert_paths=self.instance.ca_cert)
- 
-    def contact_subsystem_using_sslget(
-            self, port, host, subsystemnick,
-            token_pwd, db_path, params, url):
-+        response = connection.get(path)
- 
-        command = ["/usr/bin/sslget"]
-+        content_type = response.headers['Content-Type']
-+        content = response.text
-+        logger.info('Content:\n%s', content)
- 
-        if subsystemnick is not None:
-            command.extend(["-n", subsystemnick])
-+        # https://github.com/dogtagpki/pki/wiki/GetStatus-Service
-+        if content_type == 'application/json':
-+            json_response = json.loads(content)
-+            status = json_response['Response']['Status']
- 
-        command.extend(["-p", token_pwd, "-d", db_path])
-
-        if params is not None:
-            command.extend(["-e", params])
-
-        command.extend([
-            "-r", url, host + ":" + port])
-
-        logger.info(' command : %s ', command)
-        output = None
-        try:
-            output = subprocess.check_output(command, stderr=subprocess.STDOUT)
-        except subprocess.CalledProcessError as e:
-            output = e.output.decode('utf-8')
-            return output
-+        elif content_type == 'application/xml':
-+            root = ET.fromstring(content)
-+            status = root.findtext('Status')
- 
-        output = output.decode('utf-8')
-+        else:
-+            raise Exception('Unsupported content-type: %s' % content_type)
- 
-        return output
-+        logger.info('Status: %s', status)
-+        return status
- 
-     def get_security_domain_data(self, host, port):
-         domain_data = None
-diff --git a/base/server/python/pki/server/__init__.py b/base/server/python/pki/server/__init__.py
-index 4fbb74684b..0515bbb197 100644
--- a/base/server/python/pki/server/__init__.py
-+++ b/base/server/python/pki/server/__init__.py
-@@ -241,6 +241,10 @@ class PKIServer(object):
-     def jss_conf(self):
-         return os.path.join(self.conf_dir, 'jss.conf')
- 
-+    @property
-+    def ca_cert(self):
-+        return os.path.join(self.nssdb_dir, 'ca.crt')
-+
-     def is_valid(self):
-         return self.exists()
- 
-@@ -259,8 +263,6 @@ class PKIServer(object):
- 
-     def export_ca_cert(self):
- 
-        ca_path = os.path.join(self.nssdb_dir, 'ca.crt')
-
-         token = pki.nssdb.INTERNAL_TOKEN_NAME
-         nickname = self.get_sslserver_cert_nickname()
- 
-@@ -272,7 +274,7 @@ class PKIServer(object):
-         nssdb = self.open_nssdb(token=token)
- 
-         try:
-            nssdb.extract_ca_cert(ca_path, nickname)
-+            nssdb.extract_ca_cert(self.ca_cert, nickname)
-         finally:
-             nssdb.close()
- 
-- 
-2.33.1
-
--- a/SPECS/pki-core.spec
+++ b/SPECS/pki-core.spec
@ -12,10 +12,10 @@ License:          GPLv2 and LGPLv2

 # For development (i.e. unsupported) releases, use x.y.z-0.n.<phase>.
 # For official (i.e. supported) releases, use x.y.z-r where r >=1.
-%global           release_number 2
-Version:          10.14.3
+%global           release_number 1
+Version:          10.15.0
 Release:          %{?release_number}%{?_timestamp}%{?_commit_id}%{?dist}
-#global           _phase
+#global           _phase -alpha1

 # To create a tarball from a version tag:
 # $ git archive \
@ -34,7 +34,6 @@ Source: https://github.com/dogtagpki/pki/archive/v%{version}%{?_phase}/pki-%{ver

 # md2man isn't available on i686. Additionally, we aren't generally multi-lib
 # compatible (https://fedoraproject.org/wiki/Packaging:Java)
-# md2man has now also been dropped in RHEL 8 so exlcude from RHEL 8+
 %if ! 0%{?rhel} || 0%{?rhel} >= 8
 ExcludeArch: i686
 %endif
@ -175,7 +174,7 @@ BuildRequires:    zip
 BuildRequires:    %{java_devel}
 BuildRequires:    javapackages-tools
 BuildRequires:    redhat-rpm-config
-BuildRequires:    ldapjdk >= 4.23.0, ldapjdk < 5.0.0
+BuildRequires:    ldapjdk >= 4.24.0, ldapjdk < 5.0.0
 BuildRequires:    apache-commons-cli
 BuildRequires:    apache-commons-codec
 BuildRequires:    apache-commons-io
@ -214,8 +213,8 @@ BuildRequires:    tomcat

 BuildRequires:    junit
 BuildRequires:    jpackage-utils >= 0:1.7.5-10
-BuildRequires:    jss >= 4.9.0, jss < 5.0.0
-BuildRequires:    tomcatjss >= 7.7.0, tomcatjss < 8.0.0
+BuildRequires:    jss >= 4.11.0, jss < 5.0.0
+BuildRequires:    tomcatjss >= 7.8.0, tomcatjss < 8.0.0

 BuildRequires:    systemd-units

@ -334,7 +333,7 @@ Provides:         pki-symkey = %{version}-%{release}

 Requires:         %{java_headless}
 Requires:         jpackage-utils >= 0:1.7.5-10
-Requires:         jss >= 4.9.0, jss < 5.0.0
+Requires:         jss >= 4.11.0, jss < 5.0.0
 Requires:         nss >= 3.38.0

 # Ensure we end up with a useful installation
@ -422,8 +421,8 @@ Requires:         glassfish-jaxb-api
 Requires:         slf4j
 Requires:         slf4j-jdk14
 Requires:         jpackage-utils >= 0:1.7.5-10
-Requires:         jss >= 4.9.0, jss < 5.0.0
-Requires:         ldapjdk >= 4.23.0, ldapjdk < 5.0.0
+Requires:         jss >= 4.11.0, jss < 5.0.0
+Requires:         ldapjdk >= 4.24.0, ldapjdk < 5.0.0
 Requires:         %{product_id}-base = %{version}-%{release}

 %if 0%{?rhel} && 0%{?rhel} <= 8
@ -511,7 +510,7 @@ Requires(post):   systemd-units
 Requires(preun):  systemd-units
 Requires(postun): systemd-units
 Requires(pre):    shadow-utils
-Requires:         tomcatjss >= 7.7.0, tomcatjss < 8.0.0
+Requires:         tomcatjss >= 7.8.0, tomcatjss < 8.0.0

 # pki-healthcheck depends on the following library
 %if 0%{?rhel}
@ -776,9 +775,9 @@ BuildArch:        noarch
 Obsoletes:        pki-console < %{version}-%{release}
 Provides:         pki-console = %{version}-%{release}

-BuildRequires:    idm-console-framework >= 1.2.0, idm-console-framework < 2.0.0
+BuildRequires:    idm-console-framework >= 1.4.0, idm-console-framework < 2.0.0

-Requires:         idm-console-framework >= 1.2.0, idm-console-framework < 2.0.0
+Requires:         idm-console-framework >= 1.4.0, idm-console-framework < 2.0.0
 Requires:         %{product_id}-base-java = %{version}-%{release}
 Requires:         %{product_id}-console-theme = %{version}-%{release}

@ -1395,8 +1394,14 @@ fi

 ################################################################################
 %changelog
-* Thu Mar 21 2024 Red Hat PKI Team <rhcs-maint@redhat.com> 10.14.3-2
- RHEL-30063: Replace pki-servlet-engine with tomcat
+* Thu Feb 08 2024 Red Hat PKI Team <rhcs-maint@redhat.com> 10.15.0-1
+- Rebase to PKI 10.15.0
+
+* Tue Jan 16 2024 Red Hat PKI Team <rhcs-maint@redhat.com> 10.15.0-0.1
+- Rebase to PKI 10.15.0-alpha1
+
+* Mon Jan 15 2024 Red Hat PKI Team <rhcs-maint@redhat.com> 10.14.3-2
+- Replace pki-servlet-engine with tomcat

 * Fri Feb 03 2023 Red Hat PKI Team <rhcs-maint@redhat.com> 10.14.3-1
 - Rebase to PKI 10.14.3
@ -1669,4 +1674,3 @@ fi

 * Thu Mar 15 2018 Red Hat PKI Team <rhcs-maint@redhat.com> 10.6.0-0.2
 - Rebase to PKI 10.6.0 beta
-
--- a/copr-build.sh
+++ b/copr-build.sh
@ -1,9 +0,0 @@
-#!/bin/sh
-
-REPO=$1
-
-if [ "$REPO" == "" ]; then
-    REPO="pki-10.6"
-fi
-
-fedpkg copr-build --nowait $REPO
--- a/gating.yaml
+++ b/gating.yaml
@ -1,8 +0,0 @@
-# recipients: rhcs-team
--- !Policy
-product_versions:
-  - rhel-9
-decision_context: osci_compose_gate
-rules:
-  - !PassingTestCaseRule {test_case_name: osci.brew-build.tier0.functional}
-  - !PassingTestCaseRule {test_case_name: idm-ci.brew-build.tier1.functional}
--- a/pki-core.rpmlintrc
+++ b/pki-core.rpmlintrc
@ -1,4 +0,0 @@
-addFilter('W: spelling-error')
-addFilter('W: dangling-symlink')
-addFilter('W: no-manual-page-for-binary')
-addFilter('W: log-files-without-logrotate')
--- a/rpminspect.yaml
+++ b/rpminspect.yaml
@ -1,6 +0,0 @@
---
-specname:
-    match: suffix
-runpath:
-    allowed_paths:
-        - /usr/lib64/tps
--- a/1
+++ b/1
@ -1 +0,0 @@
-SHA512 (pki-10.14.3.tar.gz) = ffdd8240bcbfc1c3cd28fecc4eb092767d8afab2df7a9354264081f9c5449f12eb06726045758515b1a27f32af622dca557cc8d370d6c5f5eaaf8d8117b94773
--- a/sources-update.sh
+++ b/sources-update.sh
@ -1,7 +0,0 @@
-#!/bin/sh
-
-SOURCE=$1
-TARGET=`basename $1`
-
-cp $SOURCE $TARGET
-sha512sum --tag $TARGET > sources
--- a/tests/roles/Test_Setup/files/ca.cfg
+++ b/tests/roles/Test_Setup/files/ca.cfg
@ -1,25 +0,0 @@
-[DEFAULT]
-pki_server_database_password=Secret.123
-
-[CA]
-pki_admin_email=caadmin@example.com
-pki_admin_name=caadmin
-pki_admin_nickname=caadmin
-pki_admin_password=Secret.123
-pki_admin_uid=caadmin
-
-pki_client_database_password=Secret.123
-pki_client_database_purge=False
-pki_client_pkcs12_password=Secret.123
-
-pki_ds_base_dn=dc=ca,dc=pki,dc=example,dc=com
-pki_ds_database=ca
-pki_ds_password=Secret.123
-
-pki_security_domain_name=EXAMPLE
-
-pki_ca_signing_nickname=ca_signing
-pki_ocsp_signing_nickname=ca_ocsp_signing
-pki_audit_signing_nickname=ca_audit_signing
-pki_sslserver_nickname=sslserver
-pki_subsystem_nickname=subsystem
--- a/tests/roles/Test_Setup/files/ds-create.sh
+++ b/tests/roles/Test_Setup/files/ds-create.sh
@ -1,24 +0,0 @@
-#!/bin/bash -ex
-
-# This command needs to be executed as it pulls the machine name
-# dynamically.
-dscreate create-template /tmp/test_dir/ds.inf
-
-sed -i \
-    -e "s/;instance_name = .*/instance_name = localhost/g" \
-    -e "s/;root_password = .*/root_password = Secret.123/g" \
-    -e "s/;suffix = .*/suffix = dc=example,dc=com/g" \
-    -e "s/;self_sign_cert = .*/self_sign_cert = False/g" \
-    /tmp/test_dir/ds.inf
-
-dscreate from-file /tmp/test_dir/ds.inf
-
-ldapadd -h $HOSTNAME -x -D "cn=Directory Manager" -w Secret.123 << EOF
-dn: dc=example,dc=com
-objectClass: domain
-dc: example
-
-dn: dc=pki,dc=example,dc=com
-objectClass: domain
-dc: pki
-EOF
--- a/tests/roles/Test_Setup/files/kra.cfg
+++ b/tests/roles/Test_Setup/files/kra.cfg
@ -1,27 +0,0 @@
-[DEFAULT]
-pki_server_database_password=Secret.123
-
-[KRA]
-pki_admin_email=kraadmin@example.com
-pki_admin_name=kraadmin
-pki_admin_nickname=kraadmin
-pki_admin_password=Secret.123
-pki_admin_uid=kraadmin
-
-pki_client_database_password=Secret.123
-pki_client_database_purge=False
-pki_client_pkcs12_password=Secret.123
-
-pki_ds_base_dn=dc=kra,dc=pki,dc=example,dc=com
-pki_ds_database=kra
-pki_ds_password=Secret.123
-
-pki_security_domain_name=EXAMPLE
-pki_security_domain_user=caadmin
-pki_security_domain_password=Secret.123
-
-pki_storage_nickname=kra_storage
-pki_transport_nickname=kra_transport
-pki_audit_signing_nickname=kra_audit_signing
-pki_sslserver_nickname=sslserver
-pki_subsystem_nickname=subsystem
--- a/tests/roles/Test_Setup/tasks/main.yml
+++ b/tests/roles/Test_Setup/tasks/main.yml
@ -1,21 +0,0 @@
---
-
- name: Install required packages
-  dnf:
-    name: >
-      389-ds-base, pki-ca, pki-kra
-
- name: Creates directory
-  file: path=/tmp/test_files state=directory
-
- name: Copying templates to /tmp folder
-  copy : src=.  dest=/tmp/test_dir
-
- name: Setup DS Service
-  shell: sh /tmp/test_dir/ds-create.sh
-
- name: Install CA subsystem
-  shell: pkispawn -f /tmp/test_dir/ca.cfg -s CA -v
-
- name: Install KRA subsystem
-  shell: pkispawn -f /tmp/test_dir/kra.cfg -s KRA -v
--- a/tests/tests.yml
+++ b/tests/tests.yml
@ -1,29 +0,0 @@
- hosts: localhost
-  remote_user: root
-  tags:
-    - classic
-  roles:
-  - role: Test_Setup
-  - role: standard-test-basic
-    tests:
-    - verify_spawn_ca:
-        dir: .
-        run: "curl http://localhost:8080/ca/admin/ca/getStatus | grep '\"Status\" : \"running\"'"
-    - verify_spawn_kra:
-        dir: .
-        run: "curl http://localhost:8080/kra/admin/kra/getStatus | grep '\"Status\" : \"running\"'"
-    - destroy_kra:
-        dir: .
-        run: "pkidestroy -i pki-tomcat -s KRA && sleep 5"
-    - verify_destroy_kra:
-        dir: .
-        run: "curl http://localhost:8080/kra/admin/kra/getStatus | grep 'HTTP Status 404'"
-    - destroy_ca:
-        dir: .
-        run: "pkidestroy -i pki-tomcat -s CA"
-    - verify_destroy_ca:
-        dir: .
-        run: "curl http://localhost:8080/ca/admin/ca/getStatus  &> testfile.log || true && grep 'Connection refused' testfile.log"
-    required_packages:
-    - pki-ca
-    - pki-kra
				`@ -0,0 +1 @@`
				`93ab86c656d28da1aeb388e6d4d1d88bb64b2dee SOURCES/pki-10.15.0.tar.gz`
				`@ -1 +0,0 @@`
				`SHA512 (pki-10.14.3.tar.gz) = ffdd8240bcbfc1c3cd28fecc4eb092767d8afab2df7a9354264081f9c5449f12eb06726045758515b1a27f32af622dca557cc8d370d6c5f5eaaf8d8117b94773`