From 1d02fdf49f88e74be51dc00d829292443d6cf80b Mon Sep 17 00:00:00 2001 From: "Endi S. Dewata" Date: Fri, 30 Aug 2024 18:04:22 -0500 Subject: [PATCH] Update PKI tests to run DS in separate container --- .github/workflows/pki-ca-test.yml | 50 ++++++++++++++------ .github/workflows/pki-tps-test.yml | 74 ++++++++++++++++++++++-------- 2 files changed, 92 insertions(+), 32 deletions(-) diff --git a/.github/workflows/pki-ca-test.yml b/.github/workflows/pki-ca-test.yml index 1599cc8eb..043b45072 100644 --- a/.github/workflows/pki-ca-test.yml +++ b/.github/workflows/pki-ca-test.yml @@ -27,7 +27,15 @@ jobs: - name: Create network run: docker network create example - - name: Set up JSS container + - name: Set up DS container + run: | + tests/bin/runner-init.sh \ + --hostname=ds.example.com \ + --network=example \ + --network-alias=ds.example.com \ + ds + + - name: Set up PKI container run: | tests/bin/runner-init.sh \ --hostname=pki.example.com \ @@ -49,20 +57,19 @@ jobs: - name: Install packages run: | - docker exec pki dnf install -y 389-ds-base + docker exec ds dnf install -y 389-ds-base docker cp /tmp/RPMS/. pki:/root/RPMS/ docker exec pki bash -c "dnf localinstall -y /root/RPMS/*" - name: Install DS - run: docker exec pki ${SHARED}/tests/bin/ds-create.sh + run: docker exec ds ${SHARED}/tests/bin/ds-create.sh - name: Install CA run: | docker exec pki pkispawn \ -f /usr/share/pki/server/examples/installation/ca.cfg \ -s CA \ - -D pki_cert_id_generator=random \ - -D pki_request_id_generator=random \ + -D pki_ds_url=ldap://ds.example.com:389 \ -v # set buffer size to 0 so that revocation takes effect immediately 
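Review bot: The added `-D pki_ds_url=ldap://ds.example.com:389` in `Install CA` makes the CA reach the directory over plain LDAP across the `example` Docker network, whereas DS was previously installed inside the `pki` container itself. Any bind credentials used for DS during and after pkispawn now travel unencrypted between containers, which is tolerable on a CI-only bridge but is not stated anywhere in the step. I would add a shell comment above the pkispawn call such as `# plain LDAP is acceptable here: test-only network, sample credentials`, or point the URL at an LDAPS listener if the DS test instance is created with one. The same applies to the `pki_ds_url`, `pki_authdb_*` and `ldapadd -H` lines added in pki-tps-test.yml. The `Install CA` step continues past the end of this hunk.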
@@ -109,22 +116,37 @@ jobs: docker exec pki /usr/share/pki/tests/ca/bin/test-ca-auditor-cert.sh docker exec pki /usr/share/pki/tests/ca/bin/test-ca-auditor-logs.sh - - name: Gather artifacts - if: always() - run: | - tests/bin/ds-artifacts-save.sh pki - tests/bin/pki-artifacts-save.sh pki - - name: Remove CA run: docker exec pki pkidestroy -i pki-tomcat -s CA -v - name: Remove DS - run: docker exec pki ${SHARED}/tests/bin/ds-remove.sh + run: docker exec ds ${SHARED}/tests/bin/ds-remove.sh + + - name: Check DS server systemd journal + if: always() + run: | + docker exec ds journalctl -x --no-pager -u dirsrv@localhost.service + + - name: Check PKI server systemd journal + if: always() + run: | + docker exec pki journalctl -x --no-pager -u pki-tomcatd@pki-tomcat.service + + - name: Check CA debug log + if: always() + run: | + docker exec pki find /var/log/pki/pki-tomcat/ca -name "debug.*" -exec cat {} \; + + - name: Gather artifacts + if: always() + run: | + tests/bin/ds-artifacts-save.sh ds + tests/bin/pki-artifacts-save.sh pki + continue-on-error: true - name: Upload artifacts if: always() uses: actions/upload-artifact@v4 with: name: pki-ca-test - path: | - /tmp/artifacts/pki + path: /tmp/artifacts diff --git a/.github/workflows/pki-tps-test.yml b/.github/workflows/pki-tps-test.yml index a0a63ef08..f72837a84 100644 --- a/.github/workflows/pki-tps-test.yml +++ b/.github/workflows/pki-tps-test.yml @@ -24,10 +24,23 @@ jobs: - name: Load JSS images run: docker load --input jss-images.tar - - name: Set up JSS container + - name: Create network + run: docker network create example + + - name: Set up DS container + run: | + tests/bin/runner-init.sh \ + --hostname=ds.example.com \ + --network=example \ + --network-alias=ds.example.com \ + ds + + - name: Set up PKI container run: | tests/bin/runner-init.sh \ --hostname=pki.example.com \ + --network=example \ + --network-alias=pki.example.com \ pki - name: Import LDAP SDK packages 
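Review bot: `Gather artifacts` now sits after `Remove DS`, so on a passing run `tests/bin/ds-artifacts-save.sh ds` executes against a container whose DS instance has already been removed, and the added `continue-on-error: true` hides any failure that results. What ds-remove.sh deletes is not visible here, so this may be harmless, but the DS artifact would then only carry content on failing runs. If that is intended, say so on the step, e.g. `# instances are already removed on success; artifacts matter mainly for failed runs`; otherwise move the step back above `Remove CA`.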
@@ -44,38 +57,37 @@ jobs: - name: Install packages run: | - docker exec pki dnf install -y 389-ds-base + docker exec ds dnf install -y 389-ds-base docker cp /tmp/RPMS/. pki:/root/RPMS/ docker exec pki bash -c "dnf localinstall -y /root/RPMS/*" - name: Install DS - run: docker exec pki ${SHARED}/tests/bin/ds-create.sh + run: docker exec ds ${SHARED}/tests/bin/ds-create.sh - name: Install CA run: | docker exec pki pkispawn \ -f /usr/share/pki/server/examples/installation/ca.cfg \ -s CA \ - -D pki_cert_id_generator=random \ - -D pki_request_id_generator=random \ + -D pki_ds_url=ldap://ds.example.com:389 \ -v - docker exec pki pki-server cert-find - - name: Install TKS run: | docker exec pki pkispawn \ -f /usr/share/pki/server/examples/installation/tks.cfg \ -s TKS \ + -D pki_ds_url=ldap://ds.example.com:389 \ -v - docker exec pki pki-server cert-find - - name: Install TPS run: | docker exec pki pkispawn \ -f /usr/share/pki/server/examples/installation/tps.cfg \ -s TPS \ + -D pki_ds_url=ldap://ds.example.com:389 \ + -D pki_authdb_hostname=ds.example.com \ + -D pki_authdb_port=389 \ -v - name: Check TPS admin @@ -91,10 +103,12 @@ jobs: run: | # import sample TPS users docker exec pki ldapadd \ + -H ldap://ds.example.com:389 \ -D "cn=Directory Manager" \ -w Secret.123 \ -f /usr/share/pki/tps/auth/ds/create.ldif docker exec pki ldapadd \ + -H ldap://ds.example.com:389 \ -D "cn=Directory Manager" \ -w Secret.123 \ -f /usr/share/pki/tps/auth/ds/example.ldif @@ -149,13 +163,6 @@ jobs: docker exec pki pki -n caadmin tps-cert-find --token $CUID - - name: Gather artifacts - if: always() - run: | - tests/bin/ds-artifacts-save.sh --output=/tmp/artifacts/pki ds - tests/bin/pki-artifacts-save.sh pki - continue-on-error: true - - name: Remove TPS run: docker exec pki pkidestroy -i pki-tomcat -s TPS -v 
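Review bot: The `Install CA` step no longer passes `-D pki_cert_id_generator=random` or `-D pki_request_id_generator=random`, and neither the commit subject nor the workflow explains it. If the defaults in `/usr/share/pki/server/examples/installation/ca.cfg` are not already random (that file is not visible here), the TPS test now runs against a CA issuing non-random serial numbers and no longer exercises the random-ID path. A one-line comment above the pkispawn call, e.g. `# cert/request ID generators are left at the ca.cfg defaults`, or a sentence in the commit message would make the intent reviewable. The same removal appears in the `Install CA` hunk of pki-ca-test.yml.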
@@ -165,10 +172,41 @@ jobs: - name: Remove CA run: docker exec pki pkidestroy -i pki-tomcat -s CA -v + - name: Check DS server systemd journal + if: always() + run: | + docker exec ds journalctl -x --no-pager -u dirsrv@localhost.service + + - name: Check PKI server systemd journal + if: always() + run: | + docker exec pki journalctl -x --no-pager -u pki-tomcatd@pki-tomcat.service + + - name: Check CA debug log + if: always() + run: | + docker exec pki find /var/log/pki/pki-tomcat/ca -name "debug.*" -exec cat {} \; + + - name: Check TKS debug log + if: always() + run: | + docker exec pki find /var/log/pki/pki-tomcat/tks -name "debug.*" -exec cat {} \; + + - name: Check TPS debug log + if: always() + run: | + docker exec pki find /var/log/pki/pki-tomcat/tps -name "debug.*" -exec cat {} \; + + - name: Gather artifacts + if: always() + run: | + tests/bin/ds-artifacts-save.sh ds + tests/bin/pki-artifacts-save.sh pki + continue-on-error: true + - name: Upload artifacts if: always() uses: actions/upload-artifact@v4 with: name: pki-tps-test - path: | - /tmp/artifacts/pki + path: /tmp/artifacts
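Review bot: The added `Check ... systemd journal` and `Check ... debug log` steps print the full journals and the CA, TKS and TPS debug logs into the workflow log on every run, and `path: /tmp/artifacts` now uploads the whole directory rather than only `/tmp/artifacts/pki`. Workflow logs and artifacts are readable by anyone with read access to the repository, so whatever debug logging records ends up there. The only credential visible in this workflow is the sample `Secret.123`, so the exposure looks benign, but a comment on the first of these steps, e.g. `# logs hold test-only credentials; do not reuse this step where real secrets are configured`, would keep the pattern from being copied unchanged. The same steps are added in pki-ca-test.yml.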