From 053e613bb102ab0032701c7619ba77d0581be775 Mon Sep 17 00:00:00 2001 From: Nick Lewis Date: Thu, 9 Jun 2011 15:30:51 -0700 Subject: Remove pending copy of an active acceptance test This test was introduced as pending in 2.6.x, and active in 2.7.x. When 2.6.x was merged to 2.7.x, the pending version was merged along as well, causing no visible conflicts. It's obviously not pending, so remove it. Reviewed-By: Dominic Maraglia --- ...ket_3360_allow_duplicate_csr_with_option_set.rb | 50 ---------------------- 1 file changed, 50 deletions(-) delete mode 100644 acceptance/pending/ticket_3360_allow_duplicate_csr_with_option_set.rb diff --git a/acceptance/pending/ticket_3360_allow_duplicate_csr_with_option_set.rb b/acceptance/pending/ticket_3360_allow_duplicate_csr_with_option_set.rb deleted file mode 100644 index ba02227ea..000000000 --- a/acceptance/pending/ticket_3360_allow_duplicate_csr_with_option_set.rb +++ /dev/null @@ -1,50 +0,0 @@ -test_name "#3360: Allow duplicate CSR when allow_duplicate_certs is on" - -agent_hostnames = agents.map {|a| a.to_s} - -# Kill running Puppet Master -- should not be running at this point -step "Master: kill running Puppet Master" -on master, "ps -U puppet | awk '/puppet/ { print \$1 }' | xargs kill || echo \"Puppet Master not running\"" - -step "Master: Start Puppet Master" -on master, puppet_master("--allow_duplicate_certs --certdnsnames=\"puppet:$(hostname -s):$(hostname -f)\" --verbose --noop") - -step "Generate a certificate request for the agent" -on agents, "puppet certificate generate `hostname -f` --ca-location remote --server #{master}" - -step "Collect the original certs" -on master, puppet_cert("--sign --all") -original_certs = on master, puppet_cert("--list --all") - -old_certs = {} -original_certs.stdout.each_line do |line| - if line =~ /^\+ (\S+) \((.+)\)$/ - old_certs[$1] = $2 - puts "old cert: #{$1} #{$2}" - end -end - -step "Make another request with the same certname" -on agents, "puppet certificate generate `hostname -f` --ca-location remote --server #{master}" - -step "Collect the new certs" - -on master, puppet_cert("--sign --all") -new_cert_list = on master, puppet_cert("--list --all") - -new_certs = {} -new_cert_list.stdout.each_line do |line| - if line =~ /^\+ (\S+) \((.+)\)$/ - new_certs[$1] = $2 - puts "new cert: #{$1} #{$2}" - end -end - -step "Verify the certs have changed" -# using the agent name as the key may cause errors; -# agent name from cfg file is likely to have short name -# where certs might be signed with long names. -old_certs.each_key { |key| - next if key.include? master # skip the masters cert, only care about agents - fail_test("#{key} does not have a new signed certificate") if old_certs[key] == new_certs[key] -} -- cgit From b502423356f0cf9c42f06fe5822c8840069620ab Mon Sep 17 00:00:00 2001 From: Nick Lewis Date: Thu, 9 Jun 2011 15:41:44 -0700 Subject: Update acceptance tests to use with_master_running_on A few of these tests weren't yet using this helper, and were instead implementing similar behavior on their own. Now they all use the standard method. Reviewed-By: Jacob Helwig Reviewed-By: Dominic Maraglia --- ...ket_3360_allow_duplicate_csr_with_option_set.rb | 68 ++++++++++------------ acceptance/tests/ticket_6734_6256_5530_5503.rb | 2 - .../ticket_7117_broke_env_criteria_authconf.rb | 47 ++++----------- 3 files changed, 42 insertions(+), 75 deletions(-) diff --git a/acceptance/tests/ticket_3360_allow_duplicate_csr_with_option_set.rb b/acceptance/tests/ticket_3360_allow_duplicate_csr_with_option_set.rb index 58f98d2a0..4d650b2e9 100644 --- a/acceptance/tests/ticket_3360_allow_duplicate_csr_with_option_set.rb +++ b/acceptance/tests/ticket_3360_allow_duplicate_csr_with_option_set.rb @@ -2,49 +2,45 @@ test_name "#3360: Allow duplicate CSR when allow_duplicate_certs is on" agent_hostnames = agents.map {|a| a.to_s} -# Kill running Puppet Master -- should not be running at this point -step "Master: kill running Puppet Master" -on master, "ps -U puppet | awk '/puppet/ { print \$1 }' | xargs kill || echo \"Puppet Master not running\"" -step "Master: Start Puppet Master" -on master, puppet_master("--allow_duplicate_certs --certdnsnames=\"puppet:$(hostname -s):$(hostname -f)\" --verbose --noop") +with_master_running_on master, "--allow_duplicate_certs --certdnsnames=\"puppet:$(hostname -s):$(hostname -f)\" --verbose --noop" do + step "Generate a certificate request for the agent" + on agents, "puppet certificate generate `hostname -f` --ca-location remote --server #{master}" -step "Generate a certificate request for the agent" -on agents, "puppet certificate generate `hostname -f` --ca-location remote --server #{master}" + step "Collect the original certs" + on master, puppet_cert("--sign --all") + original_certs = on master, puppet_cert("--list --all") -step "Collect the original certs" -on master, puppet_cert("--sign --all") -original_certs = on master, puppet_cert("--list --all") - -old_certs = {} -original_certs.stdout.each_line do |line| - if line =~ /^\+ (\S+) \((.+)\)$/ - old_certs[$1] = $2 - puts "old cert: #{$1} #{$2}" + old_certs = {} + original_certs.stdout.each_line do |line| + if line =~ /^\+ (\S+) \((.+)\)$/ + old_certs[$1] = $2 + puts "old cert: #{$1} #{$2}" + end end -end -step "Make another request with the same certname" -on agents, "puppet certificate generate `hostname -f` --ca-location remote --server #{master}" + step "Make another request with the same certname" + on agents, "puppet certificate generate `hostname -f` --ca-location remote --server #{master}" -step "Collect the new certs" + step "Collect the new certs" -on master, puppet_cert("--sign --all") -new_cert_list = on master, puppet_cert("--list --all") + on master, puppet_cert("--sign --all") + new_cert_list = on master, puppet_cert("--list --all") -new_certs = {} -new_cert_list.stdout.each_line do |line| - if line =~ /^\+ (\S+) \((.+)\)$/ - new_certs[$1] = $2 - puts "new cert: #{$1} #{$2}" + new_certs = {} + new_cert_list.stdout.each_line do |line| + if line =~ /^\+ (\S+) \((.+)\)$/ + new_certs[$1] = $2 + puts "new cert: #{$1} #{$2}" + end end -end -step "Verify the certs have changed" -# using the agent name as the key may cause errors; -# agent name from cfg file is likely to have short name -# where certs might be signed with long names. -old_certs.each_key { |key| - next if key.include? master # skip the masters cert, only care about agents - assert_not_equal(old_certs[key], new_certs[key], "Expected #{key} to have a changed key") -} + step "Verify the certs have changed" + # using the agent name as the key may cause errors; + # agent name from cfg file is likely to have short name + # where certs might be signed with long names. + old_certs.each_key { |key| + next if key.include? master # skip the masters cert, only care about agents + assert_not_equal(old_certs[key], new_certs[key], "Expected #{key} to have a changed key") + } +end diff --git a/acceptance/tests/ticket_6734_6256_5530_5503.rb b/acceptance/tests/ticket_6734_6256_5530_5503.rb index 8f0155efb..72bb592d8 100644 --- a/acceptance/tests/ticket_6734_6256_5530_5503.rb +++ b/acceptance/tests/ticket_6734_6256_5530_5503.rb @@ -4,9 +4,7 @@ test_name "Tickets 6734 6256 5530 5503i Puppet Master fails to start" -# Kill running Puppet Master with_master_running_on(master) do - step "Check permissions on puppet/rrd/" on master, "ls -l /var/lib/puppet | grep rrd | awk '{print $3\" \"$4}'" do fail_test "puppet/rrd does not exist/wrong permission" unless stdout.include? 'puppet puppet' diff --git a/acceptance/tests/ticket_7117_broke_env_criteria_authconf.rb b/acceptance/tests/ticket_7117_broke_env_criteria_authconf.rb index f8f03f287..55c13370d 100644 --- a/acceptance/tests/ticket_7117_broke_env_criteria_authconf.rb +++ b/acceptance/tests/ticket_7117_broke_env_criteria_authconf.rb @@ -11,43 +11,16 @@ allow * step "Save original auth.conf file and create a temp auth.conf" on master, "cp #{config['puppetpath']}/auth.conf /tmp/auth.conf-7117; echo '#{add_2_authconf}' > #{config['puppetpath']}/auth.conf" -# Kill running Puppet Master -- should not be running at this point -step "Master: kill running Puppet Master" -on master, "ps -U puppet | awk '/puppet/ { print \$1 }' | xargs kill || echo \"Puppet Master not running\"" -step "Master: Start Puppet Master" -on master, puppet_master("--certdnsnames=\"puppet:$(hostname -s):$(hostname -f)\" --verbose --noop") -# allow Master to start and initialize environment - -step "Verify Puppet Master is ready to accept connections" -host=agents.first -time1 = Time.new -until - on(host, "curl -k https://#{master}:8140") do - sleep 1 - end -time2 = Time.new -elapsed = time2 - time1 -Log.notify "Slept for #{elapsed} seconds waiting for Puppet Master to become ready" - -step "Verify Puppet Master is ready to accept connections" -host=agents.first -time1 = Time.new -until - on(host, "curl -k https://#{master}:8140") do - sleep 1 - end -time2 = Time.new -elapsed = time2 - time1 -Log.notify "Slept for #{elapsed} seconds waiting for Puppet Master to become ready" - -# Run test on Agents -step "Agent: agent --test" -on agents, puppet_agent("--test --server #{master}") - -step "Fetch agent facts from Puppet Master" -agents.each do |host| - on(host, "curl -k -H \"Accept: yaml\" https://#{master}:8140/override/facts/\`hostname -f\`") do - assert_match(/--- !ruby\/object:Puppet::Node::Facts/, stdout, "Agent Facts not returned for #{host}") +with_master_running_on(master, "--certdnsnames=\"puppet:$(hostname -s):$(hostname -f)\" --verbose --noop") do + # Run test on Agents + step "Run agent to upload facts" + on agents, puppet_agent("--test --server #{master}") + + step "Fetch agent facts from Puppet Master" + agents.each do |host| + on(host, "curl -k -H \"Accept: yaml\" https://#{master}:8140/override/facts/\`hostname -f\`") do + assert_match(/--- !ruby\/object:Puppet::Node::Facts/, stdout, "Agent Facts not returned for #{host}") + end end end -- cgit From ecde13449aab95cba22103075a362cfeb91b4ec0 Mon Sep 17 00:00:00 2001 From: Nick Lewis Date: Thu, 9 Jun 2011 15:43:22 -0700 Subject: (#3360) Delete SSL directory in acceptance test before running A leftover SSL directory from another test, including a cert for the agent, will cause this test to fail. So before running, we remove the SSL directory to ensure this doesn't happen. Reviewed-By: Jacob Helwig Reviewed-By: Dominic Maraglia --- acceptance/tests/ticket_3360_allow_duplicate_csr_with_option_set.rb | 2 ++ 1 file changed, 2 insertions(+) diff --git a/acceptance/tests/ticket_3360_allow_duplicate_csr_with_option_set.rb b/acceptance/tests/ticket_3360_allow_duplicate_csr_with_option_set.rb index 4d650b2e9..9eaf4c224 100644 --- a/acceptance/tests/ticket_3360_allow_duplicate_csr_with_option_set.rb +++ b/acceptance/tests/ticket_3360_allow_duplicate_csr_with_option_set.rb @@ -2,6 +2,8 @@ test_name "#3360: Allow duplicate CSR when allow_duplicate_certs is on" agent_hostnames = agents.map {|a| a.to_s} +step "Remove existing SSL directory for agents" +on agents, "rm -r #{config['puppetpath']}/ssl" with_master_running_on master, "--allow_duplicate_certs --certdnsnames=\"puppet:$(hostname -s):$(hostname -f)\" --verbose --noop" do step "Generate a certificate request for the agent" -- cgit From 4af97845453f9e4762a1743ba8e29316ef372f31 Mon Sep 17 00:00:00 2001 From: Nick Lewis Date: Thu, 9 Jun 2011 15:44:49 -0700 Subject: (#7117) Use a different auth.conf instead of overwriting the default This test was previously replacing the default auth.conf with its own, and restoring it afterward. This was error-prone, failing if there wasn't an initial auth.conf present. It would also causing cascading failures when this test failed, by leaving a non-standard auth.conf for other tests to use. Since this copy-and-restore behavior can be replaced by simply specifying a different auth file to use, we do that instead. Reviewed-By: Jacob Helwig Reviewed-By: Dominic Maraglia --- acceptance/tests/ticket_7117_broke_env_criteria_authconf.rb | 9 +++------ 1 file changed, 3 insertions(+), 6 deletions(-) diff --git a/acceptance/tests/ticket_7117_broke_env_criteria_authconf.rb b/acceptance/tests/ticket_7117_broke_env_criteria_authconf.rb index 55c13370d..bc1ec9ce9 100644 --- a/acceptance/tests/ticket_7117_broke_env_criteria_authconf.rb +++ b/acceptance/tests/ticket_7117_broke_env_criteria_authconf.rb @@ -8,10 +8,10 @@ auth any allow * } -step "Save original auth.conf file and create a temp auth.conf" -on master, "cp #{config['puppetpath']}/auth.conf /tmp/auth.conf-7117; echo '#{add_2_authconf}' > #{config['puppetpath']}/auth.conf" +step "Create a temp auth.conf" +create_remote_file master, "/tmp/auth.conf-7117", add_2_authconf -with_master_running_on(master, "--certdnsnames=\"puppet:$(hostname -s):$(hostname -f)\" --verbose --noop") do +with_master_running_on(master, "--certdnsnames=\"puppet:$(hostname -s):$(hostname -f)\" --rest_authconfig /tmp/auth.conf-7117 --verbose --noop") do # Run test on Agents step "Run agent to upload facts" on agents, puppet_agent("--test --server #{master}") @@ -23,6 +23,3 @@ with_master_running_on(master, "--certdnsnames=\"puppet:$(hostname -s):$(hostnam end end end - -step "Restore original auth.conf file" -on master, "cp -f /tmp/auth.conf-7117 #{config['puppetpath']}/auth.conf" -- cgit