diff options
| author | Nick Lewis <nick@puppetlabs.com> | 2011-06-09 16:53:39 -0700 |
|---|---|---|
| committer | Nick Lewis <nick@puppetlabs.com> | 2011-06-09 16:53:39 -0700 |
| commit | 0b0a9be25f95f7dfd14bbcc9bf7c7f9b21531100 (patch) | |
| tree | 209f006c64d64eb3cdfb9bbb7e7ba23bf962d116 | |
| parent | 649b3dc58349d3bbb1bd28bf882013c2cf5b8000 (diff) | |
| parent | d1c965a2e1ddde3907ecf83303a832a6fd5c20e9 (diff) | |
| download | puppet-0b0a9be25f95f7dfd14bbcc9bf7c7f9b21531100.tar.gz puppet-0b0a9be25f95f7dfd14bbcc9bf7c7f9b21531100.tar.xz puppet-0b0a9be25f95f7dfd14bbcc9bf7c7f9b21531100.zip | |
Merge branch '2.7.x'
Conflicts:
acceptance/tests/ticket_7117_broke_env_criteria_authconf.rb
4 files changed, 49 insertions, 120 deletions
diff --git a/acceptance/pending/ticket_3360_allow_duplicate_csr_with_option_set.rb b/acceptance/pending/ticket_3360_allow_duplicate_csr_with_option_set.rb deleted file mode 100644 index ba02227ea..000000000 --- a/acceptance/pending/ticket_3360_allow_duplicate_csr_with_option_set.rb +++ /dev/null @@ -1,50 +0,0 @@ -test_name "#3360: Allow duplicate CSR when allow_duplicate_certs is on" - -agent_hostnames = agents.map {|a| a.to_s} - -# Kill running Puppet Master -- should not be running at this point -step "Master: kill running Puppet Master" -on master, "ps -U puppet | awk '/puppet/ { print \$1 }' | xargs kill || echo \"Puppet Master not running\"" - -step "Master: Start Puppet Master" -on master, puppet_master("--allow_duplicate_certs --certdnsnames=\"puppet:$(hostname -s):$(hostname -f)\" --verbose --noop") - -step "Generate a certificate request for the agent" -on agents, "puppet certificate generate `hostname -f` --ca-location remote --server #{master}" - -step "Collect the original certs" -on master, puppet_cert("--sign --all") -original_certs = on master, puppet_cert("--list --all") - -old_certs = {} -original_certs.stdout.each_line do |line| - if line =~ /^\+ (\S+) \((.+)\)$/ - old_certs[$1] = $2 - puts "old cert: #{$1} #{$2}" - end -end - -step "Make another request with the same certname" -on agents, "puppet certificate generate `hostname -f` --ca-location remote --server #{master}" - -step "Collect the new certs" - -on master, puppet_cert("--sign --all") -new_cert_list = on master, puppet_cert("--list --all") - -new_certs = {} -new_cert_list.stdout.each_line do |line| - if line =~ /^\+ (\S+) \((.+)\)$/ - new_certs[$1] = $2 - puts "new cert: #{$1} #{$2}" - end -end - -step "Verify the certs have changed" -# using the agent name as the key may cause errors; -# agent name from cfg file is likely to have short name -# where certs might be signed with long names. -old_certs.each_key { |key| - next if key.include? master # skip the masters cert, only care about agents - fail_test("#{key} does not have a new signed certificate") if old_certs[key] == new_certs[key] -} diff --git a/acceptance/tests/ticket_3360_allow_duplicate_csr_with_option_set.rb b/acceptance/tests/ticket_3360_allow_duplicate_csr_with_option_set.rb index 58f98d2a0..9eaf4c224 100644 --- a/acceptance/tests/ticket_3360_allow_duplicate_csr_with_option_set.rb +++ b/acceptance/tests/ticket_3360_allow_duplicate_csr_with_option_set.rb @@ -2,49 +2,47 @@ test_name "#3360: Allow duplicate CSR when allow_duplicate_certs is on" agent_hostnames = agents.map {|a| a.to_s} -# Kill running Puppet Master -- should not be running at this point -step "Master: kill running Puppet Master" -on master, "ps -U puppet | awk '/puppet/ { print \$1 }' | xargs kill || echo \"Puppet Master not running\"" - -step "Master: Start Puppet Master" -on master, puppet_master("--allow_duplicate_certs --certdnsnames=\"puppet:$(hostname -s):$(hostname -f)\" --verbose --noop") - -step "Generate a certificate request for the agent" -on agents, "puppet certificate generate `hostname -f` --ca-location remote --server #{master}" - -step "Collect the original certs" -on master, puppet_cert("--sign --all") -original_certs = on master, puppet_cert("--list --all") - -old_certs = {} -original_certs.stdout.each_line do |line| - if line =~ /^\+ (\S+) \((.+)\)$/ - old_certs[$1] = $2 - puts "old cert: #{$1} #{$2}" +step "Remove existing SSL directory for agents" +on agents, "rm -r #{config['puppetpath']}/ssl" + +with_master_running_on master, "--allow_duplicate_certs --certdnsnames=\"puppet:$(hostname -s):$(hostname -f)\" --verbose --noop" do + step "Generate a certificate request for the agent" + on agents, "puppet certificate generate `hostname -f` --ca-location remote --server #{master}" + + step "Collect the original certs" + on master, puppet_cert("--sign --all") + original_certs = on master, puppet_cert("--list --all") + + old_certs = {} + original_certs.stdout.each_line do |line| + if line =~ /^\+ (\S+) \((.+)\)$/ + old_certs[$1] = $2 + puts "old cert: #{$1} #{$2}" + end end -end -step "Make another request with the same certname" -on agents, "puppet certificate generate `hostname -f` --ca-location remote --server #{master}" + step "Make another request with the same certname" + on agents, "puppet certificate generate `hostname -f` --ca-location remote --server #{master}" -step "Collect the new certs" + step "Collect the new certs" -on master, puppet_cert("--sign --all") -new_cert_list = on master, puppet_cert("--list --all") + on master, puppet_cert("--sign --all") + new_cert_list = on master, puppet_cert("--list --all") -new_certs = {} -new_cert_list.stdout.each_line do |line| - if line =~ /^\+ (\S+) \((.+)\)$/ - new_certs[$1] = $2 - puts "new cert: #{$1} #{$2}" + new_certs = {} + new_cert_list.stdout.each_line do |line| + if line =~ /^\+ (\S+) \((.+)\)$/ + new_certs[$1] = $2 + puts "new cert: #{$1} #{$2}" + end end -end -step "Verify the certs have changed" -# using the agent name as the key may cause errors; -# agent name from cfg file is likely to have short name -# where certs might be signed with long names. -old_certs.each_key { |key| - next if key.include? master # skip the masters cert, only care about agents - assert_not_equal(old_certs[key], new_certs[key], "Expected #{key} to have a changed key") -} + step "Verify the certs have changed" + # using the agent name as the key may cause errors; + # agent name from cfg file is likely to have short name + # where certs might be signed with long names. + old_certs.each_key { |key| + next if key.include? master # skip the masters cert, only care about agents + assert_not_equal(old_certs[key], new_certs[key], "Expected #{key} to have a changed key") + } +end diff --git a/acceptance/tests/ticket_6734_6256_5530_5503.rb b/acceptance/tests/ticket_6734_6256_5530_5503.rb index 8f0155efb..72bb592d8 100644 --- a/acceptance/tests/ticket_6734_6256_5530_5503.rb +++ b/acceptance/tests/ticket_6734_6256_5530_5503.rb @@ -4,9 +4,7 @@ test_name "Tickets 6734 6256 5530 5503i Puppet Master fails to start" -# Kill running Puppet Master with_master_running_on(master) do - step "Check permissions on puppet/rrd/" on master, "ls -l /var/lib/puppet | grep rrd | awk '{print $3\" \"$4}'" do fail_test "puppet/rrd does not exist/wrong permission" unless stdout.include? 'puppet puppet' diff --git a/acceptance/tests/ticket_7117_broke_env_criteria_authconf.rb b/acceptance/tests/ticket_7117_broke_env_criteria_authconf.rb index a71e84864..5eeb2f749 100644 --- a/acceptance/tests/ticket_7117_broke_env_criteria_authconf.rb +++ b/acceptance/tests/ticket_7117_broke_env_criteria_authconf.rb @@ -8,37 +8,20 @@ auth any allow * } -step "Save original auth.conf file and create a temp auth.conf" -on master, "cp #{config['puppetpath']}/auth.conf /tmp/auth.conf-7117; echo '#{add_2_authconf}' > #{config['puppetpath']}/auth.conf" +step "Create a temp auth.conf" +create_remote_file master, "/tmp/auth.conf-7117", add_2_authconf -# Kill running Puppet Master -- should not be running at this point -step "Master: kill running Puppet Master" -on master, "ps -U puppet | awk '/puppet/ { print \$1 }' | xargs kill || echo \"Puppet Master not running\"" -step "Master: Start Puppet Master" -on master, puppet_master("--certdnsnames=\"puppet:$(hostname -s):$(hostname -f)\" --verbose --noop") -# allow Master to start and initialize environment +on master, "chmod 644 /tmp/auth.conf-7117" -step "Verify Puppet Master is ready to accept connections" -host=agents.first -time1 = Time.new -until - on(host, "curl -k https://#{master}:8140") do - sleep 1 - end -time2 = Time.new -elapsed = time2 - time1 -Log.notify "Slept for #{elapsed} seconds waiting for Puppet Master to become ready" - -# Run test on Agents -step "Agent: agent --test" -on agents, puppet_agent("--test --server #{master}") +with_master_running_on(master, "--certdnsnames=\"puppet:$(hostname -s):$(hostname -f)\" --rest_authconfig /tmp/auth.conf-7117 --verbose --autosign true") do + # Run test on Agents + step "Run agent to upload facts" + on agents, puppet_agent("--test --server #{master}") -step "Fetch agent facts from Puppet Master" -agents.each do |host| - on(host, "curl -k -H \"Accept: yaml\" https://#{master}:8140/override/facts/\`hostname -f\`") do - assert_match(/--- !ruby\/object:Puppet::Node::Facts/, stdout, "Agent Facts not returned for #{host}") + step "Fetch agent facts from Puppet Master" + agents.each do |host| + on(host, "curl -k -H \"Accept: yaml\" https://#{master}:8140/override/facts/\`hostname -f\`") do + assert_match(/--- !ruby\/object:Puppet::Node::Facts/, stdout, "Agent Facts not returned for #{host}") + end end end - -step "Restore original auth.conf file" -on master, "cp -f /tmp/auth.conf-7117 #{config['puppetpath']}/auth.conf" |