Test: uniqueness of certificate renewal master

https://fedorahosted.org/freeipa/ticket/6504 Reviewed-By: Florence Blanc-Renaud <frenaud@redhat.com> Reviewed-By: Martin Babinsky <mbabinsk@redhat.com>
author: Oleg Fayans <ofayans@redhat.com> 2016-11-24 11:14:15 +0100
committer: Martin Babinsky <mbabinsk@redhat.com> 2016-12-08 17:26:04 +0100
commit: fad87a9962ee33cfebc4fa59aba589e98b076cea (patch)
tree: c0cbb8cf274beebdd3185777aa959a5398f38a8c /ipatests
parent: 4fff09978eab520d130d87c0112b5caac907e651 (diff)
download: freeipa-fad87a9962ee33cfebc4fa59aba589e98b076cea.tar.gz
freeipa-fad87a9962ee33cfebc4fa59aba589e98b076cea.tar.xz
freeipa-fad87a9962ee33cfebc4fa59aba589e98b076cea.zip
1 files changed, 42 insertions, 0 deletions
diff --git a/ipatests/test_integration/test_replica_promotion.py b/ipatests/test_integration/test_replica_promotion.py
index 0e93356c7..e75f4fcea 100644
--- a/ipatests/test_integration/test_replica_promotion.py
+++ b/ipatests/test_integration/test_replica_promotion.py
@@ -441,3 +441,45 @@ class TestWrongClientDomain(IntegrationTest):
                                      raiseonerr=False)
         assert(result1.returncode == 0), (
             'Failed to promote the client installed with the upcase domain name')
+
+
+class TestRenewalMaster(IntegrationTest):
+
+    topology = 'star'
+    num_replicas = 1
+
+    @classmethod
+    def uninstall(cls, mh):
+        super(TestRenewalMaster, cls).uninstall(mh)
+
+    def test_replica_not_marked_as_renewal_master(self):
+        """
+        https://fedorahosted.org/freeipa/ticket/5902
+        """
+        master = self.master
+        replica = self.replicas[0]
+        result = master.run_command(["ipa", "config-show"]).stdout_text
+        assert("IPA CA renewal master: %s" % master.hostname in result), (
+            "Master hostname not found among CA renewal masters"
+        )
+        assert("IPA CA renewal master: %s" % replica.hostname not in result), (
+            "Replica hostname found among CA renewal masters"
+        )
+
+    def test_manual_renewal_master_transfer(self):
+        replica = self.replicas[0]
+        replica.run_command(['ipa', 'config-mod',
+                             '--ca-renewal-master-server', replica.hostname])
+        result = self.master.run_command(["ipa", "config-show"]).stdout_text
+        assert("IPA CA renewal master: %s" % replica.hostname in result), (
+            "Replica hostname not found among CA renewal masters"
+        )
+
+    def test_automatic_renewal_master_transfer_ondelete(self):
+        # Test that after master uninstallation, replica overtakes the cert
+        # renewal master role
+        tasks.uninstall_master(self.replicas[0])
+        result = self.master.run_command(['ipa', 'config-show']).stdout_text
+        assert("IPA CA renewal master: %s" % self.master.hostname in result), (
+            "Master hostname not found among CA renewal masters"
+        )
author	Oleg Fayans <ofayans@redhat.com>	2016-11-24 11:14:15 +0100
committer	Martin Babinsky <mbabinsk@redhat.com>	2016-12-08 17:26:04 +0100
commit	fad87a9962ee33cfebc4fa59aba589e98b076cea (patch)
tree	c0cbb8cf274beebdd3185777aa959a5398f38a8c /ipatests
parent	4fff09978eab520d130d87c0112b5caac907e651 (diff)
download	freeipa-fad87a9962ee33cfebc4fa59aba589e98b076cea.tar.gz freeipa-fad87a9962ee33cfebc4fa59aba589e98b076cea.tar.xz freeipa-fad87a9962ee33cfebc4fa59aba589e98b076cea.zip