[Freeipa-devel] cert profiles - test plan + patches
Lenka Doudova
ldoudova at redhat.com
Thu Sep 3 11:40:55 UTC 2015
Hi,
I took a look at it at Milan's request.
patch 0008 - tracker looks ok, ACK
patch 0009 - test cases look ok as well, but can't get it to run, 10 out
of 14 tests fail, starting with internal error, which I haven't been
able to track down, nor fix it.
Lenka
=================================== FAILURES
===================================
____________________ TestProfileCRUD.test_create_duplicate
_____________________
self = <ipatests.test_xmlrpc.test_certprofile_plugin.TestProfileCRUD
object at 0x7f36459e7110>
user_profile =
<ipatests.test_xmlrpc.test_certprofile_plugin.CertprofileTracker object
at 0x7f36459e73d0>
def test_create_duplicate(self, user_profile):
msg = u'Certificate Profile with name "{}" already exists'
> user_profile.ensure_exists()
ipatests/test_xmlrpc/test_certprofile_plugin.py:178:
_ _ _ _ _ _ _ _ _ _ _ _ _ _ _ _ _ _ _ _ _ _ _ _ _ _ _ _ _ _ _ _ _ _ _ _
_ _ _ _
ipatests/test_xmlrpc/ldaptracker.py:169: in ensure_exists
self.create(force=True)
ipatests/test_xmlrpc/ldaptracker.py:206: in create
result = command()
ipatests/test_xmlrpc/ldaptracker.py:127: in run_command
result = cmd(*args, **options)
ipalib/frontend.py:443: in __call__
ret = self.run(*args, **options)
ipalib/frontend.py:761: in run
return self.forward(*args, **options)
ipalib/frontend.py:782: in forward
return self.Backend.rpcclient.forward(self.name, *args, **kw)
ipalib/rpc.py:947: in forward
return self._call_command(command, params)
ipalib/rpc.py:924: in _call_command
return command(*params)
ipalib/rpc.py:1075: in _call
return self.__request(name, args)
_ _ _ _ _ _ _ _ _ _ _ _ _ _ _ _ _ _ _ _ _ _ _ _ _ _ _ _ _ _ _ _ _ _ _ _
_ _ _ _
self = <ipalib.rpc.JSONServerProxy object at 0x7f36459e71d0>
name = 'certprofile_import'
args = (('caIPAserviceCert_mod',), {'all': False, 'description':
'Storing copy of a profile', 'file': 'profileId=caIPAservice...sion Default
policyset.serverCertSet.11.default.params.userExtOID=2.5.29.17
', 'ipacertprofilestoreissued': True, ...})
def __request(self, name, args):
payload = {'method': unicode(name), 'params': args, 'id': 0}
version = args[1].get('version', VERSION_WITHOUT_CAPABILITIES)
payload = json_encode_binary(payload, version)
if self.__verbose >= 2:
root_logger.info('Request: %s',
json.dumps(payload, sort_keys=True, indent=4))
response = self.__transport.request(
self.__host,
self.__handler,
json.dumps(payload),
verbose=self.__verbose >= 3,
)
try:
response = json_decode_binary(json.loads(response))
except ValueError as e:
raise JSONError(str(e))
if self.__verbose >= 2:
root_logger.info(
'Response: %s',
json.dumps(json_encode_binary(response, version),
sort_keys=True, indent=4)
)
error = response.get('error')
if error:
try:
error_class = errors_by_code[error['code']]
except KeyError:
raise UnknownError(
code=error.get('code'),
error=error.get('message'),
server=self.__host,
)
else:
> raise error_class(message=error['message'])
E InternalError: an internal error has occurred
On 08/31/2015 03:25 PM, Fraser Tweedale wrote:
> On Mon, Aug 31, 2015 at 12:24:13PM +0200, Martin Basti wrote:
>>
>> On 08/18/2015 04:06 PM, Milan Kubík wrote:
>>> On 08/11/2015 03:17 AM, Fraser Tweedale wrote:
>>>> On Mon, Aug 10, 2015 at 11:36:31AM +0200, Milan Kubík wrote:
>>>>> On 08/05/2015 02:57 PM, Milan Kubík wrote:
>>>>>> Hi list,
>>>>>>
>>>>>> I'm sending the test plan [1] for certificate profiles and preliminary
>>>>>> patches for it.
>>>>>> The plan covers basic CRUD test and some corner cases. I'm open to
>>>>>> more
>>>>>> suggestions.
>>>>>>
>>>>>> More complicated tests involving certificate profiles will require the
>>>>>> code (and tests)
>>>>>> for CA ACLs merged, so it's not there at the moment.
>>>>>>
>>>>>> There are some unfinished test cases in places I wasn't sure what the
>>>>>> result should be.
>>>>>> We need to iterate through these to fix it.
>>>>>>
>>>>>>
>>>>>> [1]: http://www.freeipa.org/page/V4/Certificate_Profiles/Test_Plan
>>>>>>
>>>>>> Cheers,
>>>>>> Milan
>>>>> Hi all,
>>>>>
>>>>> have you had some time to look at the code and proposal?
>>>>> Today I want to write a basic CRUD test for the ACLs as well as a few
>>>>> test
>>>>> cases to check if the ACL is being enforced. It should make it into
>>>>> wiki
>>>>> today or by tomorrow. I'll send an update then.
>>>>>
>>>>> Cheers,
>>>>> Milan
>>>>>
>>>> Hi Milan,
>>>>
>>>> I have reviewed the V4/Certificate_Profiles/Test_Plan. Couple of
>>>> comments:
>>>>
>>>> - Test case: Import profile with incorrect values
>>>> - Expected result: refused with error.
>>>> - A simple way to provoke this condition is to add a number to
>>>> ``policyset.serverCertSet.list``.
>>>> - A similar test case should exist for certprofile-mod.
>>>>
>>>> - Test case: Delete default profile
>>>> - As discussed elsewhere, expected result should be failure.
>>>> I filed ticket #5198 to make it so :)
>>>>
>>>> I will review the patch soon.
>>>>
>>>> Cheers,
>>>> Fraser
>>> Hello,
>>>
>>> how is the review going? I'd like to have at least the tracker (patch
>>> 0008)
>>> reviewed (and merged :) if possible. It will be needed in CA ACL tests.
>>>
>>> Cheers,
>>> Milan
>>>
>> Fraser, do you review this patchset?
> This fell off my radar, sorry! I eyeballed it a while back and
> everything seemed fine; I have not (successfully) run the tests yet
> though. I will complete the review tomorrow.
>
> Thanks,
> Fraser
>
-------------- next part --------------
An HTML attachment was scrubbed...
URL: <http://listman.redhat.com/archives/freeipa-devel/attachments/20150903/727e1747/attachment.htm>
More information about the Freeipa-devel
mailing list