From ad6f1d9ce30505450dcc192283c59236c5574c99 Mon Sep 17 00:00:00 2001 From: James Antill Date: Mon, 8 Aug 2022 13:57:43 -0400 Subject: [PATCH] Import rpm: 7ea81f524a563efc6fa80b9ae3cb1dcc65422f24 --- .gitignore | 1 + ...proper-validation-of-response-header.patch | 47 +++ 0001-Remove-Log4jLogger.patch | 163 +++++++++ gating.yaml | 7 + resteasy.spec | 318 ++++++++++++++++++ sources | 1 + tests/roles/Test_Setup/files/ca.cfg | 25 ++ tests/roles/Test_Setup/files/ds-create.sh | 24 ++ tests/roles/Test_Setup/files/kra.cfg | 27 ++ tests/roles/Test_Setup/tasks/main.yml | 26 ++ tests/tests.yml | 29 ++ 11 files changed, 668 insertions(+) create mode 100644 .gitignore create mode 100644 0001-RESTEASY-2559-Improper-validation-of-response-header.patch create mode 100644 0001-Remove-Log4jLogger.patch create mode 100644 gating.yaml create mode 100644 resteasy.spec create mode 100644 sources create mode 100644 tests/roles/Test_Setup/files/ca.cfg create mode 100644 tests/roles/Test_Setup/files/ds-create.sh create mode 100644 tests/roles/Test_Setup/files/kra.cfg create mode 100644 tests/roles/Test_Setup/tasks/main.yml create mode 100644 tests/tests.yml diff --git a/.gitignore b/.gitignore new file mode 100644 index 0000000..2f0d319 --- /dev/null +++ b/.gitignore @@ -0,0 +1 @@ +SOURCES/resteasy-3.0.26.Final.tar.gz diff --git a/0001-RESTEASY-2559-Improper-validation-of-response-header.patch b/0001-RESTEASY-2559-Improper-validation-of-response-header.patch new file mode 100644 index 0000000..9048abd --- /dev/null +++ b/0001-RESTEASY-2559-Improper-validation-of-response-header.patch @@ -0,0 +1,47 @@ +From f58a22382e31c0c4b92e519fa84f701a606981ac Mon Sep 17 00:00:00 2001 +From: Bartosz Spyrko-Smietanko +Date: Thu, 16 Apr 2020 14:01:17 +0100 +Subject: [PATCH] [RESTEASY-2559] Improper validation of response header in + MediaTypeHeaderDelegate.java class + +--- + .../plugins/delegates/MediaTypeHeaderDelegate.java | 1 + + .../test/mediatype/MediaTypeHeaderTest.java | 14 ++++++++++++++ + 2 files changed, 15 insertions(+) + create mode 100644 testsuite/unit-tests/src/test/java/org/jboss/resteasy/test/mediatype/MediaTypeHeaderTest.java + +diff --git a/resteasy-jaxrs/src/main/java/org/jboss/resteasy/plugins/delegates/MediaTypeHeaderDelegate.java b/resteasy-jaxrs/src/main/java/org/jboss/resteasy/plugins/delegates/MediaTypeHeaderDelegate.java +index db0b4d588..b31d4376e 100755 +--- a/resteasy-jaxrs/src/main/java/org/jboss/resteasy/plugins/delegates/MediaTypeHeaderDelegate.java ++++ b/resteasy-jaxrs/src/main/java/org/jboss/resteasy/plugins/delegates/MediaTypeHeaderDelegate.java +@@ -89,6 +89,7 @@ public class MediaTypeHeaderDelegate implements RuntimeDelegate.HeaderDelegate + case '[': + case ']': + case '=': ++ case '\n': + return false; + default: + break; +diff --git a/testsuite/unit-tests/src/test/java/org/jboss/resteasy/test/mediatype/MediaTypeHeaderTest.java b/testsuite/unit-tests/src/test/java/org/jboss/resteasy/test/mediatype/MediaTypeHeaderTest.java +new file mode 100644 +index 000000000..e46f018f7 +--- /dev/null ++++ b/testsuite/unit-tests/src/test/java/org/jboss/resteasy/test/mediatype/MediaTypeHeaderTest.java +@@ -0,0 +1,14 @@ ++package org.jboss.resteasy.test.mediatype; ++ ++import org.jboss.resteasy.plugins.delegates.MediaTypeHeaderDelegate; ++import org.junit.Test; ++ ++public class MediaTypeHeaderTest { ++ ++ @Test(expected = IllegalArgumentException.class) ++ public void testNewLineInHeaderValueIsRejected() { ++ MediaTypeHeaderDelegate delegate = new MediaTypeHeaderDelegate(); ++ ++ delegate.fromString("foo/bar\n"); ++ } ++} +-- +2.26.2 + diff --git a/0001-Remove-Log4jLogger.patch b/0001-Remove-Log4jLogger.patch new file mode 100644 index 0000000..f5335db --- /dev/null +++ b/0001-Remove-Log4jLogger.patch @@ -0,0 +1,163 @@ +From d9ad1ff80c45333922fb51e454ee6036b389faa4 Mon Sep 17 00:00:00 2001 +From: "Endi S. Dewata" +Date: Wed, 2 Jun 2021 19:34:16 -0500 +Subject: [PATCH] Remove Log4jLogger + +--- + .../resteasy/logging/impl/Log4jLogger.java | 144 ------------------ + 1 file changed, 144 deletions(-) + delete mode 100644 resteasy-jaxrs/src/main/java/org/jboss/resteasy/logging/impl/Log4jLogger.java + +diff --git a/resteasy-jaxrs/src/main/java/org/jboss/resteasy/logging/impl/Log4jLogger.java b/resteasy-jaxrs/src/main/java/org/jboss/resteasy/logging/impl/Log4jLogger.java +deleted file mode 100644 +index 6cf43d251..000000000 +--- a/resteasy-jaxrs/src/main/java/org/jboss/resteasy/logging/impl/Log4jLogger.java ++++ /dev/null +@@ -1,144 +0,0 @@ +-package org.jboss.resteasy.logging.impl; +- +-import org.apache.log4j.Logger; +- +-import java.text.MessageFormat; +- +-/** +- * @author Bill Burke +- * @version $Revision: 1 $ +- */ +-public class Log4jLogger extends org.jboss.resteasy.logging.Logger +-{ +- private transient Logger delegate; +- private String classname; +- +- public Log4jLogger(String classname) +- { +- this.classname = classname; +- delegate = Logger.getLogger(classname); +- } +- +- @Override +- public boolean isTraceEnabled() +- { +- return delegate.isTraceEnabled(); +- } +- +- @Override +- public void trace(String message) +- { +- if (!delegate.isTraceEnabled()) return; +- delegate.trace(message); +- } +- +- @Override +- public void trace(String message, Object... params) +- { +- if (!delegate.isTraceEnabled()) return; +- String msg = MessageFormat.format(message, params); +- delegate.trace(msg); +- } +- +- @Override +- public void trace(String message, Throwable error) +- { +- if (!delegate.isTraceEnabled()) return; +- delegate.trace(message, error); +- } +- +- @Override +- public boolean isDebugEnabled() +- { +- return delegate.isDebugEnabled(); +- } +- +- @Override +- public void debug(String message) +- { +- if (!delegate.isDebugEnabled()) return; +- delegate.debug(message); +- } +- +- @Override +- public void debug(String message, Object... params) +- { +- if (!delegate.isDebugEnabled()) return; +- String msg = MessageFormat.format(message, params); +- delegate.debug(msg); +- } +- +- @Override +- public void debug(String message, Throwable error) +- { +- if (!isDebugEnabled()) return; +- delegate.debug(message, error); +- } +- +- @Override +- public void info(String message) +- { +- if (!(delegate.isInfoEnabled())) return; +- delegate.info(message); +- } +- +- @Override +- public void info(String message, Object... params) +- { +- if (!delegate.isInfoEnabled()) return; +- String msg = MessageFormat.format(message, params); +- delegate.info(msg); +- } +- +- @Override +- public void info(String message, Throwable error) +- { +- if (!delegate.isInfoEnabled()) return; +- delegate.info(message, error); +- } +- +- @Override +- public void warn(String message) +- { +- delegate.warn(message); +- } +- +- @Override +- public void warn(String message, Object... params) +- { +- String msg = MessageFormat.format(message, params); +- delegate.warn(msg); +- } +- +- @Override +- public void warn(String message, Throwable error) +- { +- delegate.warn(message, error); +- } +- +- @Override +- public void error(String message) +- { +- delegate.warn(message); +- } +- +- @Override +- public void error(String message, Object... params) +- { +- String msg = MessageFormat.format(message, params); +- delegate.error(msg); +- } +- +- @Override +- public void error(String message, Throwable error) +- { +- delegate.warn(message, error); +- } +- +- @Override +- public boolean isWarnEnabled() +- { +- return true; +- } +- +-} +-- +2.31.1 + diff --git a/gating.yaml b/gating.yaml new file mode 100644 index 0000000..388958f --- /dev/null +++ b/gating.yaml @@ -0,0 +1,7 @@ +# recipients: rhcs-team +--- !Policy +product_versions: + - rhel-9 +decision_context: osci_compose_gate +rules: + - !PassingTestCaseRule {test_case_name: osci.brew-build.tier0.functional} diff --git a/resteasy.spec b/resteasy.spec new file mode 100644 index 0000000..9678b9a --- /dev/null +++ b/resteasy.spec @@ -0,0 +1,318 @@ +%global namedreltag .Final +%global namedversion %{version}%{namedreltag} + +Name: resteasy +Version: 3.0.26 +Release: 6%{?dist} +Summary: Framework for RESTful Web services and Java applications +License: ASL 2.0 +URL: http://resteasy.jboss.org/ +Source0: https://github.com/resteasy/Resteasy/archive/%{namedversion}/%{name}-%{namedversion}.tar.gz +Patch1: 0001-RESTEASY-2559-Improper-validation-of-response-header.patch + +BuildArch: noarch + +BuildRequires: maven-local +BuildRequires: mvn(commons-io:commons-io) +BuildRequires: mvn(com.sun.xml.bind:jaxb-impl) +BuildRequires: mvn(log4j:log4j:12) +BuildRequires: mvn(org.apache.httpcomponents:httpclient) +BuildRequires: mvn(org.apache.maven.plugins:maven-source-plugin) + +# Jackson 2 +BuildRequires: mvn(com.fasterxml.jackson.core:jackson-core) +BuildRequires: mvn(com.fasterxml.jackson.core:jackson-databind) +BuildRequires: mvn(com.fasterxml.jackson.jaxrs:jackson-jaxrs-json-provider) + +BuildRequires: mvn(org.jboss:jboss-parent:pom:) +BuildRequires: mvn(org.jboss.logging:jboss-logging) +BuildRequires: mvn(org.jboss.logging:jboss-logging-annotations) +BuildRequires: mvn(org.jboss.logging:jboss-logging-processor) +BuildRequires: mvn(org.jboss.spec.javax.annotation:jboss-annotations-api_1.2_spec) +BuildRequires: mvn(org.jboss.spec.javax.ws.rs:jboss-jaxrs-api_2.0_spec) +BuildRequires: mvn(org.slf4j:slf4j-api) + +# Require the Servlet API 4.0 +BuildRequires: pki-servlet-4.0-api +Requires: pki-servlet-4.0-api + +#XXX just to make pki-core build. pki-core should switch to mvn requires +Provides: resteasy-atom-provider +Provides: resteasy-client +Provides: resteasy-jaxb-provider +Provides: resteasy-core +Provides: resteasy-jackson2-provider + + +%description +%global desc \ +RESTEasy contains a JBoss project that provides frameworks to help\ +build RESTful Web Services and RESTful Java applications. It is a fully\ +certified and portable implementation of the JAX-RS specification. +%{desc} +%global extdesc %{desc}\ +\ +This package contains + +%package javadoc +Summary: Javadoc for %{name} + +%description javadoc +This package contains the API documentation for %{name}. + +%prep +%setup -q -n resteasy-jaxrs-all-%{namedversion}-redhat-1 +%patch1 -p1 + +%pom_disable_module arquillian +%pom_disable_module eagledns +%pom_disable_module jboss-modules +%pom_disable_module profiling-tests +%pom_disable_module resteasy-bom +%pom_disable_module resteasy-cache +%pom_disable_module resteasy-cdi +%pom_disable_module resteasy-dependencies-bom +%pom_disable_module resteasy-guice +%pom_disable_module resteasy-jaxrs-testsuite +%pom_disable_module resteasy-jsapi +%pom_disable_module resteasy-jsapi-testing +%pom_disable_module resteasy-links +%pom_disable_module resteasy-servlet-initializer +%pom_disable_module resteasy-spring +%pom_disable_module resteasy-wadl +%pom_disable_module resteasy-wadl-undertow-connector +%pom_disable_module security +%pom_disable_module server-adapters +%pom_disable_module testsuite +%pom_disable_module tjws + +pushd providers +%pom_disable_module fastinfoset +%pom_disable_module jackson +%pom_disable_module jettison +%pom_disable_module json-p-ee7 +%pom_disable_module multipart +%pom_disable_module resteasy-html +%pom_disable_module resteasy-validator-provider-11 +%pom_disable_module yaml +popd + +find -name '*.jar' -print -delete + +%pom_remove_plugin :maven-clover2-plugin + +# Specify log4j v1.2 +%pom_change_dep "log4j:log4j" "log4j:log4j:12" resteasy-jaxrs + +# remove activation.jar dependencies +%pom_remove_dep -r javax.activation:activation resteasy-jaxrs resteasy-spring + +# remove resteasy-dependencies pom +%pom_remove_dep "org.jboss.resteasy:resteasy-dependencies" + +# remove redundant jcip-dependencies dep from resteasy-jaxrs +%pom_remove_dep net.jcip:jcip-annotations resteasy-jaxrs + +# remove junit dependency from all modules +%pom_remove_dep junit:junit resteasy-client +%pom_remove_dep junit:junit providers/resteasy-atom +%pom_remove_dep junit:junit providers/jaxb +%pom_remove_dep junit:junit resteasy-jaxrs + +# depend on servlet-api from pki-servlet-4.0-api +%pom_change_dep org.jboss.spec.javax.servlet: org.apache.tomcat:tomcat-servlet-api resteasy-jaxrs +%pom_change_dep org.jboss.spec.javax.servlet: org.apache.tomcat:tomcat-servlet-api providers/abdera-atom +%pom_change_dep org.jboss.spec.javax.servlet: org.apache.tomcat:tomcat-servlet-api providers/jaxb +%pom_change_dep org.jboss.spec.javax.servlet: org.apache.tomcat:tomcat-servlet-api providers/jackson2 + +%pom_remove_plugin com.redhat.rcm.maven.plugin:buildmetadata-maven-plugin +%pom_remove_plugin org.commonjava.maven.plugins:project-sources-maven-plugin +%pom_remove_plugin :maven-clean-plugin + +# Fixing JDK7 ASCII issues +files=' +resteasy-jaxrs/src/main/java/org/jboss/resteasy/annotations/Query.java +resteasy-jaxrs/src/main/java/org/jboss/resteasy/core/QueryInjector.java +resteasy-jsapi/src/main/java/org/jboss/resteasy/jsapi/JSAPIWriter.java +resteasy-jsapi/src/main/java/org/jboss/resteasy/jsapi/JSAPIServlet.java +resteasy-jsapi/src/main/java/org/jboss/resteasy/jsapi/ServiceRegistry.java +resteasy-links/src/main/java/org/jboss/resteasy/links/AddLinks.java +resteasy-links/src/main/java/org/jboss/resteasy/links/ELProvider.java +resteasy-links/src/main/java/org/jboss/resteasy/links/LinkELProvider.java +resteasy-links/src/main/java/org/jboss/resteasy/links/LinkResource.java +resteasy-links/src/main/java/org/jboss/resteasy/links/LinkResources.java +resteasy-links/src/main/java/org/jboss/resteasy/links/ParentResource.java +resteasy-links/src/main/java/org/jboss/resteasy/links/RESTServiceDiscovery.java +resteasy-links/src/main/java/org/jboss/resteasy/links/ResourceFacade.java +resteasy-links/src/main/java/org/jboss/resteasy/links/ResourceID.java +resteasy-links/src/main/java/org/jboss/resteasy/links/ResourceIDs.java +security/resteasy-oauth/src/main/java/org/jboss/resteasy/auth/oauth/OAuthConsumer.java +security/resteasy-oauth/src/main/java/org/jboss/resteasy/auth/oauth/OAuthException.java +security/resteasy-oauth/src/main/java/org/jboss/resteasy/auth/oauth/OAuthFilter.java +security/resteasy-oauth/src/main/java/org/jboss/resteasy/auth/oauth/OAuthMemoryProvider.java +security/resteasy-oauth/src/main/java/org/jboss/resteasy/auth/oauth/OAuthProvider.java +security/resteasy-oauth/src/main/java/org/jboss/resteasy/auth/oauth/OAuthProviderChecker.java +security/resteasy-oauth/src/main/java/org/jboss/resteasy/auth/oauth/OAuthRequestToken.java +security/resteasy-oauth/src/main/java/org/jboss/resteasy/auth/oauth/OAuthServlet.java +security/resteasy-oauth/src/main/java/org/jboss/resteasy/auth/oauth/OAuthToken.java +security/resteasy-oauth/src/main/java/org/jboss/resteasy/auth/oauth/OAuthValidator.java +' + +for f in ${files}; do +native2ascii -encoding UTF8 ${f} ${f} +done + +# Disable useless artifacts generation, package __noinstall do not work +%pom_add_plugin org.apache.maven.plugins:maven-source-plugin . ' + + true +' + +%build + +%mvn_build -f + +%install +%mvn_install + +%files -f .mfiles +%doc README.md +%license License.html + +%files javadoc -f .mfiles-javadoc + +%changelog +* Mon Nov 30 2020 Alexander Scheel - 3.0.26-6 +- CVE-2020-1695: Improper validation of response header in MediaTypeHeaderDelegate.java class + Resolves: rh-bz#1845548 + +* Tue Aug 07 2018 Fraser Tweedale 3.5.1-3 +- Avoid redundant jcip-annotations dependency + +* Fri Aug 03 2018 Fraser Tweedale 3.5.1-2 +- Use servlet-api from pki-servlet-container package + +* Wed Jul 11 2018 Fraser Tweedale 3.5.1-1 +- Switch to JBoss sources and build Jackson 2 provider instead of Jackson 1 + +* Thu May 24 2018 Michael Simacek - 3.0.19-8 +- Minimize to contain just components needed by pki-core + +* Fri Feb 09 2018 Fedora Release Engineering - 3.0.19-7 +- Rebuilt for https://fedoraproject.org/wiki/Fedora_28_Mass_Rebuild + +* Thu Jul 27 2017 Fedora Release Engineering - 3.0.19-6 +- Rebuilt for https://fedoraproject.org/wiki/Fedora_27_Mass_Rebuild + +* Sat Feb 11 2017 Fedora Release Engineering - 3.0.19-5 +- Rebuilt for https://fedoraproject.org/wiki/Fedora_26_Mass_Rebuild + +* Tue Dec 27 2016 gil cattaneo 3.0.19-4 +- build fix for netty 3.10.6.Final + +* Tue Sep 13 2016 gil cattaneo 3.0.19-3 +- re-introduce jandex jars + +* Mon Aug 22 2016 gil cattaneo 3.0.19-2 +- move "Obsoletes" to resteasy-core + +* Sun Aug 21 2016 gil cattaneo 3.0.19-1 +- update to 3.0.19.Final + +* Fri Aug 12 2016 gil cattaneo 3.0.17-2 +- add sub package netty3 + +* Mon Jun 06 2016 gil cattaneo 3.0.17-1 +- update to 3.0.17.Final +- introduce license macro +- enable resteasy-links, resteasy-oauth, resteasy-wadl modules +- build resteasy-netty{3,4} + +* Mon Feb 22 2016 Mat Booth - 3.0.6-11 +- Fix failure to build from source + +* Thu Feb 04 2016 Fedora Release Engineering - 3.0.6-10 +- Rebuilt for https://fedoraproject.org/wiki/Fedora_24_Mass_Rebuild + +* Mon Jul 27 2015 Ade Lee - 3.0.6-9 +- Remove activation.jar dependency to fix build. + +* Thu Jun 18 2015 Fedora Release Engineering - 3.0.6-8 +- Rebuilt for https://fedoraproject.org/wiki/Fedora_23_Mass_Rebuild + +* Fri Dec 5 2014 Ade Lee - 3.0.6-7 +- Refactor into subpackages. +- Change build requires to mvn() format + +* Mon Sep 29 2014 Ade Lee - 3.0.6-6 +- Add fix for CVE-2014-3490 + +* Tue Jun 24 2014 Ade Lee - 3.0.6-5 +- Replace broken dependencies junit4-> junit +- Add patch to handle new bouncycastle API in version 1.50 +- Fix bogus dates in changelog + +* Sun Jun 08 2014 Fedora Release Engineering - 3.0.6-4 +- Rebuilt for https://fedoraproject.org/wiki/Fedora_21_Mass_Rebuild + +* Fri Mar 28 2014 Michael Simacek - 3.0.6-3 +- Use Requires: java-headless rebuild (#1067528) + +* Tue Jan 14 2014 Marek Goldmann - 3.0.6-2 +- Support for Netty 4 in Rawhide + +* Fri Jan 10 2014 Marek Goldmann - 3.0.6-1 +- Upstream release 3.0.6.Final + +* Fri Aug 09 2013 Marek Goldmann - 3.0.1-3 +- Remove versioning from the jandex files + +* Fri Aug 09 2013 Marek Goldmann - 3.0.1-2 +- Added jandex index files to all jars + +* Fri Aug 09 2013 Marek Goldmann - 3.0.1-1 +- Upstream release 3.0.1.Final +- Using xmvn + +* Sun Aug 04 2013 Fedora Release Engineering - 2.3.2-14 +- Rebuilt for https://fedoraproject.org/wiki/Fedora_20_Mass_Rebuild + +* Thu May 9 2013 Ade Lee 2.3.2-13 +- Removed dependency on maven-checkstyle-plugin + +* Tue Apr 2 2013 Endi S. Dewata - 2.3.2-12 +- Removed Tomcat 6 dependency + +* Thu Feb 14 2013 Fedora Release Engineering - 2.3.2-11 +- Rebuilt for https://fedoraproject.org/wiki/Fedora_19_Mass_Rebuild + +* Wed Feb 06 2013 Java SIG - 2.3.2-10 +- Update for https://fedoraproject.org/wiki/Fedora_19_Maven_Rebuild +- Replace maven BuildRequires with maven-local + +* Tue Aug 7 2012 Ade Lee - 2.3.2-9 +- Added tomcat6-servlet-2.5-api as a dependency + +* Sat Jul 21 2012 Fedora Release Engineering - 2.3.2-8 +- Rebuilt for https://fedoraproject.org/wiki/Fedora_18_Mass_Rebuild + +* Tue Apr 24 2012 Marek Goldmann 2.3.2-7 +- Create also the jandex index jar files + +* Tue Apr 24 2012 Marek Goldmann 2.3.2-6 +- Added resteasy-multipart-provider module + +* Mon Apr 23 2012 Juan Hernandez 2.3.2-5 +- Fix the async HTTP Servlet 3.0 artifact id + +* Mon Apr 23 2012 Juan Hernandez 2.3.2-4 +- Added an additional artifact and group id for jaxrs-api + +* Mon Apr 23 2012 Juan Hernandez 2.3.2-3 +- Added async HTTP Servlet 3.0 module + +* Thu Apr 12 2012 Juan Hernandez 2.3.2-2 +- Build CDI integration module (bug #812978) + +* Tue Mar 6 2012 Ade Lee 2.3.2-1 +- Initial packaging diff --git a/sources b/sources new file mode 100644 index 0000000..f8e57f3 --- /dev/null +++ b/sources @@ -0,0 +1 @@ +SHA1 (resteasy-3.0.26.Final.tar.gz) = 46f76675a579ac45441399220b0cefff9ffa8dbf diff --git a/tests/roles/Test_Setup/files/ca.cfg b/tests/roles/Test_Setup/files/ca.cfg new file mode 100644 index 0000000..158c1d5 --- /dev/null +++ b/tests/roles/Test_Setup/files/ca.cfg @@ -0,0 +1,25 @@ +[DEFAULT] +pki_server_database_password=Secret.123 + +[CA] +pki_admin_email=caadmin@example.com +pki_admin_name=caadmin +pki_admin_nickname=caadmin +pki_admin_password=Secret.123 +pki_admin_uid=caadmin + +pki_client_database_password=Secret.123 +pki_client_database_purge=False +pki_client_pkcs12_password=Secret.123 + +pki_ds_base_dn=dc=ca,dc=pki,dc=example,dc=com +pki_ds_database=ca +pki_ds_password=Secret.123 + +pki_security_domain_name=EXAMPLE + +pki_ca_signing_nickname=ca_signing +pki_ocsp_signing_nickname=ca_ocsp_signing +pki_audit_signing_nickname=ca_audit_signing +pki_sslserver_nickname=sslserver +pki_subsystem_nickname=subsystem diff --git a/tests/roles/Test_Setup/files/ds-create.sh b/tests/roles/Test_Setup/files/ds-create.sh new file mode 100644 index 0000000..825d83f --- /dev/null +++ b/tests/roles/Test_Setup/files/ds-create.sh @@ -0,0 +1,24 @@ +#!/bin/bash -ex + +# This command needs to be executed as it pulls the machine name +# dynamically. +dscreate create-template /tmp/test_dir/ds.inf + +sed -i \ + -e "s/;instance_name = .*/instance_name = localhost/g" \ + -e "s/;root_password = .*/root_password = Secret.123/g" \ + -e "s/;suffix = .*/suffix = dc=example,dc=com/g" \ + -e "s/;self_sign_cert = .*/self_sign_cert = False/g" \ + /tmp/test_dir/ds.inf + +dscreate from-file /tmp/test_dir/ds.inf + +ldapadd -h $HOSTNAME -x -D "cn=Directory Manager" -w Secret.123 << EOF +dn: dc=example,dc=com +objectClass: domain +dc: example + +dn: dc=pki,dc=example,dc=com +objectClass: domain +dc: pki +EOF diff --git a/tests/roles/Test_Setup/files/kra.cfg b/tests/roles/Test_Setup/files/kra.cfg new file mode 100644 index 0000000..d93f4bb --- /dev/null +++ b/tests/roles/Test_Setup/files/kra.cfg @@ -0,0 +1,27 @@ +[DEFAULT] +pki_server_database_password=Secret.123 + +[KRA] +pki_admin_email=kraadmin@example.com +pki_admin_name=kraadmin +pki_admin_nickname=kraadmin +pki_admin_password=Secret.123 +pki_admin_uid=kraadmin + +pki_client_database_password=Secret.123 +pki_client_database_purge=False +pki_client_pkcs12_password=Secret.123 + +pki_ds_base_dn=dc=kra,dc=pki,dc=example,dc=com +pki_ds_database=kra +pki_ds_password=Secret.123 + +pki_security_domain_name=EXAMPLE +pki_security_domain_user=caadmin +pki_security_domain_password=Secret.123 + +pki_storage_nickname=kra_storage +pki_transport_nickname=kra_transport +pki_audit_signing_nickname=kra_audit_signing +pki_sslserver_nickname=sslserver +pki_subsystem_nickname=subsystem diff --git a/tests/roles/Test_Setup/tasks/main.yml b/tests/roles/Test_Setup/tasks/main.yml new file mode 100644 index 0000000..0dfd61c --- /dev/null +++ b/tests/roles/Test_Setup/tasks/main.yml @@ -0,0 +1,26 @@ +--- + +- name: Install resteasy packages + dnf: + name: > + pki-resteasy-client, pki-resteasy-core, pki-resteasy-jackson2-provider, pki-resteasy-jaxb-provider + +- name: Install required packages + dnf: + name: > + 389-ds-base, pki-ca, pki-kra + +- name: Creates directory + file: path=/tmp/test_files state=directory + +- name: Copying templates to /tmp folder + copy : src=. dest=/tmp/test_dir + +- name: Setup DS Service + shell: sh /tmp/test_dir/ds-create.sh + +- name: Install CA subsystem + shell: pkispawn -f /tmp/test_dir/ca.cfg -s CA -v + +- name: Install KRA subsystem + shell: pkispawn -f /tmp/test_dir/kra.cfg -s KRA -v diff --git a/tests/tests.yml b/tests/tests.yml new file mode 100644 index 0000000..b5f216d --- /dev/null +++ b/tests/tests.yml @@ -0,0 +1,29 @@ +- hosts: localhost + remote_user: root + tags: + - classic + roles: + - role: Test_Setup + - role: standard-test-basic + tests: + - verify_spawn_ca: + dir: . + run: "curl http://localhost:8080/ca/admin/ca/getStatus | grep 'running'" + - verify_spawn_kra: + dir: . + run: "curl http://localhost:8080/kra/admin/kra/getStatus | grep 'running'" + - destroy_kra: + dir: . + run: "pkidestroy -i pki-tomcat -s KRA && sleep 5" + - verify_destroy_kra: + dir: . + run: "curl http://localhost:8080/kra/admin/kra/getStatus | grep 'HTTP Status 404'" + - destroy_ca: + dir: . + run: "pkidestroy -i pki-tomcat -s CA" + - verify_destroy_ca: + dir: . + run: "curl http://localhost:8080/ca/admin/ca/getStatus &> testfile.log || true && grep 'Connection refused' testfile.log" + required_packages: + - pki-ca + - pki-kra