[Freeipa-devel] cert profiles - test plan + patches
Lenka Doudova
ldoudova at redhat.com
Fri Sep 4 09:06:09 UTC 2015
Hi,
there's no traceback in the file you mentioned, but I'm running it
through lite-server, so here's the traceback from there:
http://pastebin.test.redhat.com/310598
I can't really get to the problem. What I forgot to mention in the
previous email was that the tests fail when attempting to add a
certprofile, but if I try to do is manually using 'ipa
certprofile-import' command with the exact same data as used in the
test, it works fine.
Lenka
On 09/03/2015 02:35 PM, Tomas Babej wrote:
>
> On 09/03/2015 01:40 PM, Lenka Doudova wrote:
>> Hi,
>>
>> I took a look at it at Milan's request.
>>
>> patch 0008 - tracker looks ok, ACK
>> patch 0009 - test cases look ok as well, but can't get it to run, 10 out
>> of 14 tests fail, starting with internal error, which I haven't been
>> able to track down, nor fix it.
> You can investigate the internal error by inspecting the
> /var/log/httpd/error_log on the IPA server that executed the command.
>
> There should be a traceback.
>
>> Lenka
>>
>> =================================== FAILURES
>> ===================================
>> ____________________ TestProfileCRUD.test_create_duplicate
>> _____________________
>>
>> self = <ipatests.test_xmlrpc.test_certprofile_plugin.TestProfileCRUD
>> object at 0x7f36459e7110>
>> user_profile =
>> <ipatests.test_xmlrpc.test_certprofile_plugin.CertprofileTracker object
>> at 0x7f36459e73d0>
>>
>> def test_create_duplicate(self, user_profile):
>> msg = u'Certificate Profile with name "{}" already exists'
>>> user_profile.ensure_exists()
>> ipatests/test_xmlrpc/test_certprofile_plugin.py:178:
>> _ _ _ _ _ _ _ _ _ _ _ _ _ _ _ _ _ _ _ _ _ _ _ _ _ _ _ _ _ _ _ _ _ _ _ _
>> _ _ _ _
>> ipatests/test_xmlrpc/ldaptracker.py:169: in ensure_exists
>> self.create(force=True)
>> ipatests/test_xmlrpc/ldaptracker.py:206: in create
>> result = command()
>> ipatests/test_xmlrpc/ldaptracker.py:127: in run_command
>> result = cmd(*args, **options)
>> ipalib/frontend.py:443: in __call__
>> ret = self.run(*args, **options)
>> ipalib/frontend.py:761: in run
>> return self.forward(*args, **options)
>> ipalib/frontend.py:782: in forward
>> return self.Backend.rpcclient.forward(self.name, *args, **kw)
>> ipalib/rpc.py:947: in forward
>> return self._call_command(command, params)
>> ipalib/rpc.py:924: in _call_command
>> return command(*params)
>> ipalib/rpc.py:1075: in _call
>> return self.__request(name, args)
>> _ _ _ _ _ _ _ _ _ _ _ _ _ _ _ _ _ _ _ _ _ _ _ _ _ _ _ _ _ _ _ _ _ _ _ _
>> _ _ _ _
>>
>> self = <ipalib.rpc.JSONServerProxy object at 0x7f36459e71d0>
>> name = 'certprofile_import'
>> args = (('caIPAserviceCert_mod',), {'all': False, 'description':
>> 'Storing copy of a profile', 'file': 'profileId=caIPAservice...sion Default
>> policyset.serverCertSet.11.default.params.userExtOID=2.5.29.17
>> ', 'ipacertprofilestoreissued': True, ...})
>>
>> def __request(self, name, args):
>> payload = {'method': unicode(name), 'params': args, 'id': 0}
>> version = args[1].get('version', VERSION_WITHOUT_CAPABILITIES)
>> payload = json_encode_binary(payload, version)
>>
>> if self.__verbose >= 2:
>> root_logger.info('Request: %s',
>> json.dumps(payload, sort_keys=True, indent=4))
>>
>> response = self.__transport.request(
>> self.__host,
>> self.__handler,
>> json.dumps(payload),
>> verbose=self.__verbose >= 3,
>> )
>>
>> try:
>> response = json_decode_binary(json.loads(response))
>> except ValueError as e:
>> raise JSONError(str(e))
>>
>> if self.__verbose >= 2:
>> root_logger.info(
>> 'Response: %s',
>> json.dumps(json_encode_binary(response, version),
>> sort_keys=True, indent=4)
>> )
>> error = response.get('error')
>> if error:
>> try:
>> error_class = errors_by_code[error['code']]
>> except KeyError:
>> raise UnknownError(
>> code=error.get('code'),
>> error=error.get('message'),
>> server=self.__host,
>> )
>> else:
>>> raise error_class(message=error['message'])
>> E InternalError: an internal error has occurred
>>
>>
>>
>>
>> On 08/31/2015 03:25 PM, Fraser Tweedale wrote:
>>> On Mon, Aug 31, 2015 at 12:24:13PM +0200, Martin Basti wrote:
>>>> On 08/18/2015 04:06 PM, Milan Kubík wrote:
>>>>> On 08/11/2015 03:17 AM, Fraser Tweedale wrote:
>>>>>> On Mon, Aug 10, 2015 at 11:36:31AM +0200, Milan Kubík wrote:
>>>>>>> On 08/05/2015 02:57 PM, Milan Kubík wrote:
>>>>>>>> Hi list,
>>>>>>>>
>>>>>>>> I'm sending the test plan [1] for certificate profiles and preliminary
>>>>>>>> patches for it.
>>>>>>>> The plan covers basic CRUD test and some corner cases. I'm open to
>>>>>>>> more
>>>>>>>> suggestions.
>>>>>>>>
>>>>>>>> More complicated tests involving certificate profiles will require the
>>>>>>>> code (and tests)
>>>>>>>> for CA ACLs merged, so it's not there at the moment.
>>>>>>>>
>>>>>>>> There are some unfinished test cases in places I wasn't sure what the
>>>>>>>> result should be.
>>>>>>>> We need to iterate through these to fix it.
>>>>>>>>
>>>>>>>>
>>>>>>>> [1]: http://www.freeipa.org/page/V4/Certificate_Profiles/Test_Plan
>>>>>>>>
>>>>>>>> Cheers,
>>>>>>>> Milan
>>>>>>> Hi all,
>>>>>>>
>>>>>>> have you had some time to look at the code and proposal?
>>>>>>> Today I want to write a basic CRUD test for the ACLs as well as a few
>>>>>>> test
>>>>>>> cases to check if the ACL is being enforced. It should make it into
>>>>>>> wiki
>>>>>>> today or by tomorrow. I'll send an update then.
>>>>>>>
>>>>>>> Cheers,
>>>>>>> Milan
>>>>>>>
>>>>>> Hi Milan,
>>>>>>
>>>>>> I have reviewed the V4/Certificate_Profiles/Test_Plan. Couple of
>>>>>> comments:
>>>>>>
>>>>>> - Test case: Import profile with incorrect values
>>>>>> - Expected result: refused with error.
>>>>>> - A simple way to provoke this condition is to add a number to
>>>>>> ``policyset.serverCertSet.list``.
>>>>>> - A similar test case should exist for certprofile-mod.
>>>>>>
>>>>>> - Test case: Delete default profile
>>>>>> - As discussed elsewhere, expected result should be failure.
>>>>>> I filed ticket #5198 to make it so :)
>>>>>>
>>>>>> I will review the patch soon.
>>>>>>
>>>>>> Cheers,
>>>>>> Fraser
>>>>> Hello,
>>>>>
>>>>> how is the review going? I'd like to have at least the tracker (patch
>>>>> 0008)
>>>>> reviewed (and merged :) if possible. It will be needed in CA ACL tests.
>>>>>
>>>>> Cheers,
>>>>> Milan
>>>>>
>>>> Fraser, do you review this patchset?
>>> This fell off my radar, sorry! I eyeballed it a while back and
>>> everything seemed fine; I have not (successfully) run the tests yet
>>> though. I will complete the review tomorrow.
>>>
>>> Thanks,
>>> Fraser
>>>
>>
>>
More information about the Freeipa-devel
mailing list